|1st thanks for the software.|
2ndly i don't quite get it.(WireShark)
3rdly connect in between the router and switch?
If i connect in between the router and switch ill be connecting into the VPN Router.
If its possible could you teach me how to use wireshark's sniffer the easy way or step by step?
2) Download it and read through the manual for a better understanding of what it is, what it does, and how to do it
3) As paulsep said above:
"If you have any old HUB, you can connect between the router and the switch and connect the PC that should run the sniffer also to that hub, you'll get all trafic sniffed and can find out the guilty."
The reason being, a switch manages traffic intelligently. Which is to say, it sends traffic only to the port of the device said traffic is for. A hub on the other hand, broadcasts all traffic to all ports. This makes a hub the perfect device to use in combination with Wireshark to sniff packets and see who's doing what.
Simply put, if you put the hub in between your switch and your external connection then all external traffic will flow through it. If you connect your PC, or a laptop to that hub, and have Wireshark running on it, and run a packet capture. You can then after a short while, stop the capture and examine the packets. Find the ones with the data you think belongs to the P2P and check the IP address of it. Then go find the PC with that IP address and you should have your guilty party in hand.
With only 40 PC's though, it wouldn't take that long to go and have a look at the "Add/Remove Software" applet in the Control Panel of each for P2P software.