Colasoft Blog

To be honest, I am a little ashamed to share my experience here, however, I wish to learn more from you. Let me introduce myself briefly, my name is Don Smith, the network administrative of a small online business company in Texas.

As a small company, cost is a very sensitive problem to us especially under the recession. With a limited bandwidth, we need to make sure the core business goes steadily, I need to find out the illegal download activities in time. We bought Capsa last year after the evaluation and compare with other similar network monitoring software.

Ok, let’s see how I find out the illegal download in the network.

After the correct deployment of Capsa in our network, let’s run capsa and start the capture at first.

Figure 1.Summary View

As we can see in figure 1,the utilization is normal.

Now I will start a download, and check it again. See Figure 2:

We can see that in the packet size distribution, there are a lot of packets listed from 1024-1517,

Then we need to check how these packets generated.

Now, we will go to the protocol view to check whether there is any protocol for download.

We can see that there is http download in our network. Then we need to locate the computer which are downloading and deal with it.

Right click on the protocol, like Figure 4 showed, we can see the option: Locate Explore Node.

Then we can check the endpoints view for more details.

It is apparently that the node 192.168.6.8 is downloading, the bytes out is only 1.04MB, but the bytes out is 10.153MB.

Now we have find out the computer which are downloading the files and so we can deal with it.

As I know, this function is just a tip of iceberg. Capsa can do a lot of things like this.

Let’s share it.