On Wednesday, October 22, 2003 7:11 AM [GMT+1200=NZT], SBlaze <dagent.geo@xxxxxxxxx> wrote: > > Wouldn't ntop be considered a "probing" tool? > I wouldn't consider it a probing tool... something like nmap would be probing, ntop just listens. And although it puts your eth into promiscuous mode, I wouldn't call it a packet sniffer since it won't tell you the contents of any packets, only where they're going and how big they are etc. I don't think you have anything to worry about. Now I have no experience with cable or cable modems (they're practically non-existent over here) but wouldn't running this on your linux box only show you whatever data your cable modem is sending to you anyway... you'd need to put the *cable modem* into promiscuous mode (or equivalent) to actually receive any data you shouldn't. > > And getting back to my original reason and question for this post. How > statistically can you see just how much iptables/netfilter is using > of system resources? > I think we're agreed that the level of data you're seeing wouldn't cause any problems CPU-wise. You can see kernel CPU usage as "system CPU%" in top and vmstat and they're saying 0, which would be expected. -Simon
