[Harbinger]

Lately our partial DS3 in the Toronto office is getting saturated with traffic. I can view the traffic and bandwidth usage in the PDM but it doesn't show me the internal ip's that are generating the traffic. For that I use the CLI and turn on level 6 logging. I take the output from that, paste in into a file and can then grep the results. Is there an easy way to look for p2p traffic? Only way I know now is to grep for the known port numbers. Most torrent clients and p2p apps let you change the default port or do it on their own. I know we can block certain apps but we're an ad agency and need to allow some traffic for the creatives.

I have some tools at my disposal but they aren't perfect. Is there an easy way in Ethereal for me to do this? Either with a packet sniffer or the PIX logs I need to see who or what is sucking up most of our bandwidth. So... if anyone knows of a way to do this, great! Any Mac, Nix or Windows apps that will work are also an option. It doesn't have to be freeware but preferably nothing to expensive.

Thanks in advance to any one that can offer some advice.