See who's doing what on your network over time with ntop
If you're looking for real-time network statistics, you should check out the terrific ntop tool. It is a full-featured protocol analyzer with a web front-end, complete with SSL and GD graphing support. ntop isn't lightweight (requiring more resources depending on the size of your network and the volume of net traffic) but can give you a very nice overview (and some critical details) about who's talking to whom on your network.
ntop needs to initially run as root (to throw your interfaces into promiscuous mode and start capturing packets), but then releases its privileges to a user that you specify. If you decide to run ntop for long periods of time, you'll probably be happiest running it on a dedicated monitoring box (with few other services running on it for security and performance reasons.)
Here's a quick reference on how to get ntop up and running quickly. First, create an ntop user and group:
root@gemini:~# groupadd ntop root@gemini:~# useradd -c "ntop user" -d /usr/local/etc/ntop \ -s /bin/true -g ntop ntop
Then unpack and build ntop as per the instructions in docs/BUILD-NTOP.txt. We'll assume that you have the source tree unpacked in /usr/local/src/ntop-2.1.3/.
Create a directory for ntop in which to keep its capture database:
root@gemini:~# mkdir /usr/local/etc/ntop
(Note that it should be owned by root, and not by the ntop user.)
If you'd like to use SSL for ...