For basic traffic statistics you should set up MRTG to query your switches and routers. It works a little better on linux than on windows. This will tell you where the traffic is assuming you have SNMP aware routers and switches.
Once you know which links have too much traffic you can use a sniffer. If you want to see what is happening to a windows server you can use network monitor.
If you want to sniff the traffic in general the network interface has to be in promiscuous mode. My favorite tool for sniffing is ethereal. It is available for linux and windows. If you just want a graphical display about node to node volume, check out etherape. You might just want to do a search at the sourceforge site for traffic analyzers.
One thing to be aware of, on a switch you need to be on a monitoring port. Otherwise you will see only traffic for your system. When I go to a remote location to sniff traffic I always carry a 10/100 hub with me. This way I can use it to stick my laptop between the node I’m checking and the rest of the net. If you want to do this, beware, most “hubs” being sold today are really switches. I now use a 3com officeconnect 5 port dual speed hub. We tried three times to buy a hub from othe vendors before I found this model. The others were all switches.