- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Bandwidth monitoring in a Cisco ASA?
Posted on 10/24/14 at 4:50 pm
Posted on 10/24/14 at 4:50 pm
So I've made it no secret here that I think Cisco security devices are a complete fricking waste, little value for the money, difficult to setup, etc.
I like pfSense, it's easy as hell and I can install tools and get graphs on bandwidth usage, general or detailed by local IP, etc.
I have a customer with an ASA 5505 and he wants to find out who's torrenting. I have no idea how I would go about that in an ASA. Any ideas? Thanks.
I like pfSense, it's easy as hell and I can install tools and get graphs on bandwidth usage, general or detailed by local IP, etc.
I have a customer with an ASA 5505 and he wants to find out who's torrenting. I have no idea how I would go about that in an ASA. Any ideas? Thanks.
Posted on 10/24/14 at 6:08 pm to Casty McBoozer
You can look at logs, but you are right, hard to do without the larger Cisco suite.
Posted on 10/24/14 at 10:44 pm to ColdDuck
Wireshark?
Call Cisco? If you're on a smart net account they'll troubleshoot it for you. But, that said the last 2 times I had them in an ASA they were wrong about what was wrong.
Call Cisco? If you're on a smart net account they'll troubleshoot it for you. But, that said the last 2 times I had them in an ASA they were wrong about what was wrong.
Posted on 10/25/14 at 1:51 pm to LordSnow
Jesus these ASA's are frickin' worthless
Posted on 10/25/14 at 2:41 pm to Casty McBoozer
You can see this by using the ASDM GUI. there is a top 10 hosts feature that will show this.
Posted on 10/25/14 at 2:56 pm to MikeBRLA
quote:
You can see this by using the ASDM GUI. there is a top 10 hosts feature that will show this.
What do I need to run this? IE6 and Java 5.0?
ETA: halfway joking.
Can I see what ports/IPs they're bound for or does it just list top 10? How much useful info can I get out of this thing?
This post was edited on 10/25/14 at 2:58 pm
Posted on 10/25/14 at 5:32 pm to Casty McBoozer
The ASA's provide deep analytics of packets. You need to do some research. You can setup captures and export them to PCAP files. From wireshark you can deep dive into the packets. In this case I would suggest setting up a capture on the outside interface for any source/dest ip address and match it to the default torrent ports. This will however only capture the average torrenter not someone who has changed to a different port.
ASA's are an enterprise solution and do have a sharp learning curve. I understand they make versions that are for smaller solutions as well. The software remains nearly the same regardless of model. If you commit some time to learning the device, I think you could begin to love all of its advanced features.
LINK
ASA's are an enterprise solution and do have a sharp learning curve. I understand they make versions that are for smaller solutions as well. The software remains nearly the same regardless of model. If you commit some time to learning the device, I think you could begin to love all of its advanced features.
LINK
This post was edited on 10/25/14 at 5:55 pm
Posted on 10/26/14 at 8:14 am to dieselbo4lyfe
quote:
The ASA's provide deep analytics of packets. You need to do some research. You can setup captures and export them to PCAP files. From wireshark you can deep dive into the packets. In this case I would suggest setting up a capture on the outside interface for any source/dest ip address and match it to the default torrent ports. This will however only capture the average torrenter not someone who has changed to a different port.
ASA's are an enterprise solution and do have a sharp learning curve. I understand they make versions that are for smaller solutions as well. The software remains nearly the same regardless of model. If you commit some time to learning the device, I think you could begin to love all of its advanced features.
Like I said, worthless crap when there are less expensive solutions out there that can provide this information ON THE DEVICE ITSELF with easy to read graphs on the web interface. frick Cisco, I'm not learning all that bullshite.
Back to top
Follow TigerDroppings for LSU Football News