We can monotor the flow of packages based on the type of protocol, address the origin, destination address and port types. With this facility, which has been provided in the Packet System, when we installed Mikrotik RouterOS, the easier we in the administration of the router, form this facility, we can guess whether the flow of data in the machine we are Normal or not. Flooding monitor the occurrence, to monitor the activities Malware, and so forth.
Easy enough to use them, usually to be more comfortable int the Monitorin, please activated throuh Winbox, to enter Router. It view the image below.
Torch this facility can be used through Winbox on the Tools menu - Torch. Please click the menu Torch, the window will be displayed Torch.
It is also through, or IP -ARP. In the ARP List window, please select the IP address, Mac address, which will be in the Monitor. Click the right to enter the Torch.
Note, the items contained in this window Torch, the Manual has been give above is clearly a description of these items. Click the Strat button to activate this service Torch. Now we can joint monitoring againt the flow of packages in the engine router. If ther is supicius traffic please taken further action.
In the above list, i monitor the traffic flow form the IP address (Src address) 192.168.0.13 through the LAN interface. If observed, in the port there Src port 514 (syslog) IP Protocol UDP (17) to the IP address (DST address) 192.168.0.14, and indeed i Syslog Daemon is rouning on a PC running Windows XP is the Remote to save the log router Mikrotik, on the PC that has the IP address 192.168.0.13, with a router that has remote IP address 192.168.0.14, active in the port 514 (UDP). We can choose the source address (Src Address) on the client that we will be watching, Select the port, destination address and Protocol.
No comments:
Post a Comment