[ubuntu] Network traffic monitoring.



AJB2K3
November 4th, 2008, 07:27 AM
I'm interested in what traffic is on my network and all messages/requests, but how do I see all these messages/requests in real time, viewing them as they happen?

leonj@infogro.co.za
November 4th, 2008, 07:57 AM
Hi,

Try as root:


apt-get install iptraf

Then type in the command line:


iptraf

Hope this is what you were looking for... ):P

AJB2K3
November 5th, 2008, 06:51 PM
For the first part, yes it is, thanks.

Now for the next bit.
Can I get the IP addresses automatically run through whois and printed to a file?

y@w
November 5th, 2008, 06:56 PM
You could pump it into a log file and use awk to parse out the IPs and do a whois on each of them if you really wanted to..
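
The log-parsing approach suggested in the post above, sketched as an added example that is not part of the original thread. The sample log lines are constructed (the layout is an assumption, not copied iptraf output), and `WHOIS_CMD` / `WHOIS_DELAY` are names made up for this example.

```shell
#!/bin/sh
# Added example: pull public IPv4 addresses out of a traffic log, whois each one.
# WHOIS_CMD and WHOIS_DELAY are hypothetical knobs introduced for this example.
WHOIS_CMD=${WHOIS_CMD:-whois}

# Constructed sample lines (layout is an assumption, not real iptraf output).
sample_log() {
    cat <<'EOF'
TCP; eth0; from 192.168.1.10:34567 to 203.0.113.5:80
UDP; eth0; from 192.168.1.10:5353 to 198.51.100.7:53
TCP; eth0; from 203.0.113.5:80 to 192.168.1.10:34567
TCP; eth0; from 10.0.0.2:22 to 999.1.1.1:22
EOF
}

# Print each unique, valid, publicly routable IPv4 address found on stdin.
extract_public_ips() {
    awk '{
        line = $0
        while (match(line, /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/)) {
            ip = substr(line, RSTART, RLENGTH)
            line = substr(line, RSTART + RLENGTH)
            ok = (split(ip, o, ".") == 4)
            for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) ok = 0
            a = o[1] + 0; b = o[2] + 0
            # Skip loopback, link-local and RFC 1918 ranges: whois has nothing on them.
            if (a == 0 || a == 10 || a == 127) ok = 0
            if (a == 172 && b >= 16 && b <= 31) ok = 0
            if (a == 192 && b == 168) ok = 0
            if (a == 169 && b == 254) ok = 0
            if (ok && !(ip in seen)) { seen[ip] = 1; print ip }
        }
    }'
}

# Look up every address read from stdin and append the results to the file $1.
whois_report() {
    out=$1
    while read -r ip; do
        printf '===== %s =====\n' "$ip" >> "$out"
        "$WHOIS_CMD" "$ip" </dev/null >> "$out" 2>&1 || echo "lookup failed" >> "$out"
        sleep "${WHOIS_DELAY:-1}"   # pause between queries to avoid rate limits
    done
}

# Usage: sh ip-whois.sh traffic.log report.txt
if [ "$#" -eq 2 ]; then
    extract_public_ips < "$1" | whois_report "$2"
fi
```

Deduplicating before the lookup matters on a busy link: the same remote host shows up in thousands of log lines, and whois servers throttle repeated queries.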

jonobr
November 5th, 2008, 07:07 PM
Hello


Should also take a look at Wireshark; this makes looking at network traffic very easy and brings you down to the hex code if you want to go down that far.

On Wireshark you can use the command line version, and filter traffic based on what you want to see: source, destination IP, port number, protocol etc.

For constructing filters, wireshark.org has some tips, and the GUI itself allows you to construct simple filter rules.

AJB2K3
November 5th, 2008, 08:33 PM
I have an idea for a network protection tool but first I need to learn about network traffic.

The Cog
November 6th, 2008, 12:09 AM
Then you will be wanting wireshark and a shed-load of books. Definitely wireshark.