PDA

View Full Version : [SOLVED] specific port monitoring software



ja660k
January 12th, 2010, 02:47 AM
hey guys,

Im wondering if there is an app that will sit on my laptop and monitor ports mainly ssh for activity... preferably a terminal based application that i can just run and will show me when that port has made a connection?

i thought i could write one in java or C but it would take some learning and time, so i thought i'd find out if one exist already?

to clarify i dont want to monitor other machines ports, just my own.

thanks in advance :-)

dmillerct
January 12th, 2010, 02:56 AM
hey guys,

Im wondering if there is an app that will sit on my laptop and monitor ports mainly ssh for activity... preferably a terminal based application that i can just run and will show me when that port has made a connection?

i thought i could write one in java or C but it would take some learning and time, so i thought i'd find out if one exist already?

to clarify i dont want to monitor other machines ports, just my own.

thanks in advance :-)

You could use conky and have the information on your desktop. :D

ubudog
January 12th, 2010, 02:56 AM
I'm working on one, will be done soon. Will post back with a link soon.

DamenW
January 12th, 2010, 03:17 AM
if you are handy with bash or are willing to read a little Snort is the best. It is a desktop IDS/IPS. It will monitor anything you want to monitor for network wise.

ja660k
January 12th, 2010, 03:52 PM
snort is really overkill for what i need, though it gives handy info.

all i need is something to say when a connection to a port is made.

Cheesemill
January 12th, 2010, 04:28 PM
You could use a combination of watch and netstat, give me a while and I'll post back with a command.

iponeverything
January 12th, 2010, 04:31 PM
You can have sshd invoked from xinetd, you can have a wrapper around it do whatever else you like..

aeiah
January 12th, 2010, 05:29 PM
netstat -ant | grep 192.168.0.1:22

or whatever your internal ip and ssh port are

or you could use grep on the command
w such as
w | grep -v :0

which greps for everything but :0, your local display

ja660k
January 13th, 2010, 04:00 AM
netstat -ant | grep 192.168.0.1:22

so that is what i want... but is there a way i can automate this to run

netstat -ant | grep 192.168.0.1:22
every minute or so?

Cheesemill
January 13th, 2010, 10:43 AM
You can use watch:

watch -n 60 'netstat -ant | grep 192.168.0.1:22'