You can set up flow monitoring. <a href="http://www.ntop.org">NTOP </a>would be a good open source choice. It will give you monthly/daily/hourly/etc reports of all the traffic coming through it. You can see what protocols, what destinations and what source ip addresses are involved. NTOP consists of two parts. There's a collector and a sensor. The collector has to be on the gateway. If you're using a cisco device, they come with nflow, open source and other sensors are usually going to be sflow. NTOP can collect both. Here's an nflow/sflow <a href="http://www.pmacct.net/">sensor </a>if you don't like ntops that works on SUSe. For different types of sensors just google (sflow|net-flow). Hope this helps.

You can set up flow monitoring. <a href="http://www.ntop.org">NTOP </a>would be a good open source choice. It will give you monthly/daily/hourly/etc reports of all the traffic coming through it. You can see what protocols, what destinations and what source ip addresses are involved. NTOP consists of two parts. There's a collector and a sensor. The collector has to be on the gateway. If you're using a cisco device, they come with nflow, open source and other sensors are usually going to be sflow. NTOP can collect both. Here's an nflow/sflow <a href="http://www.pmacct.net/">sensor </a>if you don't like ntops that works on SUSe. For different types of sensors just google (sflow|net-flow). Hope this helps.