Wednesday, December 29, 2010

Traffic Monitor with Mikrotik Tools

To monitor the flow of data packets passing through a Mikrotik router interface, you can use the Torch facility. Further information can be found in the Mikrotik Manual, under Torch Tools.
We can monitor the flow of packets by protocol type, source address, destination address and port. This facility is provided in the System package, so it is available as soon as RouterOS is installed, and it helps with router administration: from it we can judge whether the flow of data through our machine is normal or not, for example when monitoring for flooding, malware activity and so forth.
Using it is fairly easy. For monitoring it is usually more convenient to use Winbox to log in to the router. More details can be seen in the pictures below.
The Torch facility can be reached through Winbox on the Tools menu - Torch. Click Torch and the Torch window will be displayed.

[Screenshot: menu]

It can also be reached via IP - ARP. In the ARP List window, select the IP address / MAC address to be monitored, then right-click and choose Torch.

[Screenshot: arp]

Note the items contained in the Torch window; the Manual above gives a clear description of each. Click the Start button to activate Torch. Now we can monitor the flow of packets on the router. If there is suspicious traffic, take further action.

[Screenshot: torch]

In the list above, I monitor the flow of traffic from IP address (Src Address) 192.168.0.13 through the LAN interface. If you look closely, the Src Port column shows port 514 (syslog), protocol type UDP (17), going to IP address (Dst Address) 192.168.0.14. Indeed, I'm running a Syslog Daemon on a remote Windows XP PC to store the RouterOS log; the PC has IP address 192.168.0.13, and the remote router, which has IP address 192.168.0.14, is active on port 514 (UDP). We can choose the source address (Src Address) of the client we want to monitor, as well as the port, destination address and protocol.
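
To make "normal or not" concrete, here is an added example (not from the original post or from Mikrotik) that triages rows noted down from a Torch window: it ignores the known syslog flow described above and flags sources with a high total rate or many distinct destinations. The CSV column names, the thresholds and every row except the syslog one are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample, typed as CSV from a Torch window. Column names are
# assumptions; only the first row (the syslog flow) comes from the post.
SAMPLE = """protocol,src_address,src_port,dst_address,tx_bps
17,192.168.0.13,514,192.168.0.14,4800
6,192.168.0.21,51514,203.0.113.10,96000
17,192.168.0.33,40001,198.51.100.1,2400000
17,192.168.0.33,40002,198.51.100.2,2300000
17,192.168.0.33,40003,198.51.100.3,2500000
6,192.168.0.40,50222,203.0.113.77,1500000
"""

# Flows known to be normal on this network: the router/syslog exchange.
EXPECTED = {("17", "192.168.0.13", "514", "192.168.0.14")}


def triage(text, rate_limit_bps=1_000_000, fanout_limit=3):
    """Return {src_address: [reasons]} for sources worth a closer look."""
    total = defaultdict(int)
    peers = defaultdict(set)
    for row in csv.DictReader(io.StringIO(text)):
        key = (row["protocol"], row["src_address"], row["src_port"], row["dst_address"])
        if key in EXPECTED:
            continue  # baseline traffic, not counted
        try:
            rate = int(row["tx_bps"])
        except (TypeError, ValueError):
            continue  # skip rows with a blank or non-numeric rate
        total[row["src_address"]] += rate
        peers[row["src_address"]].add(row["dst_address"])

    findings = {}
    for src in total:
        reasons = []
        if total[src] > rate_limit_bps:
            reasons.append("high-rate")
        if len(peers[src]) >= fanout_limit:
            reasons.append("fan-out")
        if reasons:
            findings[src] = reasons
    return findings


if __name__ == "__main__":
    for src, reasons in sorted(triage(SAMPLE).items()):
        print(src, ", ".join(reasons))
```

Sources it reports are the ones to filter on in Torch (Src Address) for a closer look.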