The lights on the switch indicate that the activity is on the link to the Windows box
Windows likes to periodically announce itself to the network at large, as samba does.
Now I would like to monitor this activity to see what it is, AND I want to do this from the relative safety of my linux m/c. Can anyone advise me, bearing in mind my present knowledge of networking, how I might set about this.
Packet sniffers are your friends. I like snort - it's an IDS, but includes a handy packet sniffer. Something like "snort -dvi ppp0" on your firewall box, and see what ports the windows box is talking on. You'll probably just see packets containing the machine's name and so forth. Another popular packet sniffer is tcpdump.
Regards, John Spray
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
