IPTraf – Looking at it as it happens

Written by James McDonald

July 14, 2008

When looking at traffic flowing in and out of your gateway Linux boxes you can use a variety of tools.

tcpdump is handy

For example if I wanted to know what traffic is flowing from my ppp0 interface to a remote host without resolving the names I would say.

tcpdump -i ppp0 -n host

tcpdump would do what you wanted.

But what about a summary as to all connections both UDP and TCP currently active on your box?

IPTraf is a curses style program that can display a nice summary of what’s happening on the box at the moment. By what’s happening I mean source and destination traffic addresses. Protocols and TCP Port numbers.

IPTraf can be installed by yum install iptraf or apt-get intall iptraf depending on if you run a Redhatian or Debian based distro.

You need to be root to run it.

Heres a picture, Info has been blurred:


Submit a Comment

Your email address will not be published. Required fields are marked *

You May Also Like…

Test your AV client with Eicar

eicar.com is a special file that is NOT malicious (if gotten from the right place) it is simply a text file with a...