Jul 11 2013

On a server it’s useful to monitor and collect data about the use of your bandwidth. In the past I’ve written an article about “Monitor your bandwidth from the Linux shell” and I’ve also presented 4 useful tools that you can use for real-time monitoring of the bandwidth:

IPTState : This software is a top-like interface to your netfilter connection-tracking table. Using iptstate you interactively watch where traffic crossing your netfilter/iptables firewall is going, sort by various criteria, limit the view by various criteria. But it doesn’t stop there: as of version 2.2.0 you can even delete states from the table!

pktstat displays a real-time list of active connections seen on a network interface, and how much bandwidth is being used. Partially decodes HTTP and FTP protocols to show what filename is being transferred. X11 application names are also shown.

NetHogs is a small ‘net top’ tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded. If there’s suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth.

IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts.

They are all good, and I suggest reading my old articles for a small introduction to them. Today I want to show you vnstat. This small program has something more than the others: it can show real-time statistics, but the feature where it really shines is its ability to collect data over a long period of time.

Apr 15 2012

Monitoring how much bandwidth is used is a fundamental task to check the status of your servers, or just your desktop, so I always test new tools to see if I find something good. This is the third article of this series, and in this one I’ll take a look at Bmon, speedometer and Nload.


Mar 19 2012

This is an article of mine, first published on Wazi.

Some find the fine art of capturing and interpreting the packets that run through your network to be as arcane as reading The Matrix, but you don’t need to be the new Neo to be able to parse the network flux. A powerful ally can help you in this mission: Wireshark, a powerful software tool to analyze your network traffic.

Wireshark is several tools in one application. You can use it to analyze the structure of your wireless network in search of potential configuration errors. It can identify many types of encapsulation and isolate and display all the fields that make up a network packet. It also works as a packet sniffer, similar to tcpdump.

With all of those powerful capabilities, you might think Wireshark would be hard to learn. In some respects it is, but you can easily learn how to use some of the filters that come with the software and let you zero in on specific clients and kinds of traffic. In this article I’ll show you several ways to use Wireshark to focus your searches.

Xplico a network forensic analysis tool

I recently saw a presentation by Stefano Fratepietro, project leader of DEFT Linux, a live CD dedicated to the world of Computer Forensics. Among the many interesting things shown in this presentation (expect a test drive Linux DEFT) there was also a small presentation of Xplico, a tool used to analyze a captured network [...]