Watching the traffic?

Hello,

is it possible to watch the network traffic with linux without
installing any further programs? How?

If not, what program can be recommended?

Thanx

Frank Werner
--
www.linkkontor.mynetcologne.de

Frank Werner <(E-Mail Removed)> wrote:
> If not, what program can be recommended?

There are many sniffer and/or networking tool, I suggest you start
with iptraf, and then check exactly what you want to know.

Davide

--
| Remember, UNIX spelled backwards is XINU.
|
|
|

Frank Werner wrote:

> is it possible to watch the network traffic with linux without
> installing any further programs? How?

It depens on your Linux-installation. What you need is libpcap and software
the uses it, like tcpdump or ethereal.

If tcpdump is installed, you can try it like this:
tcpdump -i eth0
where eth0 is the interface to be dumped or "watched". Tcpdump is not
graphical, ethereal can be used in grapical mode or in text mode.

If you are connected to the hub, you can see all the traffic going through,
but if you are connected to the switch, you cannot see everything without
special tricks or software.

BR
Kimmo Koivisto

Frank Werner wrote:

> Hello,
>
> is it possible to watch the network traffic with linux without
> installing any further programs? How?
>
> If not, what program can be recommended?
>
> Thanx
>
> Frank Werner

ntop is quite impressive.

--
LucM

Visit your friends
> www.gnu.org
> www.greenpeace.org

Frank Werner wrote:

> Hello,
>
> is it possible to watch the network traffic with linux without
> installing any further programs? How?
>
> If not, what program can be recommended?

Ethereal

--

(This space intentionally left blank.)

To reply to this message, replace everything to the left of "@" with
james.knott.

On Thu, 24 Jun 2004 10:54:51 +0000, Davide Bianchi wrote:

> Frank Werner <(E-Mail Removed)> wrote:
>> If not, what program can be recommended?
>
> There are many sniffer and/or networking tool, I suggest you start with
> iptraf, and then check exactly what you want to know.
>
> Davide
Definitely iptraf, small footprint and no X

On 24 Jun 2004 03:38:46 -0700, Frank Werner <(E-Mail Removed)> wrote:
>
>
> Hello,
>
> is it possible to watch the network traffic with linux without
> installing any further programs? How?
>
> If not, what program can be recommended?
>
> Thanx
>

I prefer tethereal. Monitoring network traffic real time just isn't
practical because of the speed, and tethereal uses a lot less system
resources than than the graphical tools.

You CAN monitor realtime with:

# tethereal -i interface

This is what I generally do:

(tethereal aliased to teth)

# teth -i interface -w logfile

(you can limit what is saved with filter expressions using the sytax
of tcpdump, with the -f <expression> arguments)

Then, to read and analyze, whether with scripts or your eyes:

# teth -r logfile | less #for a traditional one-line description of each
# packet

# teth -r logfile -V # expanded, 'tree' view

# teth -R <display filter expression> [-V] | less

I often just use sed to pull out the information I want here.

To see just the strings in the logfile:

# strings logfile | less

Tethereal comes with ethereal, which I don't use anymore, and
I don't know if it is available seperately.


AC

yes, ntop, tcpdump, iptraf, ethereal are good options ...

but if you are lazy like me and want to monitor the bandwidth usage
only, try mrtg and rrd tool from
http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/ or
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/.

hth

raqueeb hassan
congo (drc)

Frank Werner wrote:
> Hello,
>
> is it possible to watch the network traffic with linux without
> installing any further programs? How?
>
> If not, what program can be recommended?
>
> Thanx
>
> Frank Werner

My favorit is ethstatus.

http://ethstatus.calle69.net



Janos Makadi

Kimmo Koivisto wrote in message:

> If you are connected to the hub, you can see all the traffic going through,
> but if you are connected to the switch, you cannot see everything without
> special tricks or software.
>
> BR
> Kimmo Koivisto

Kimmo,
You said you can see all traffic on a switch, what are your special
tricks and software? I know how to span a Cisco Catalyst switch
(basically make it look like a hub) and have heard people say they can
drop VLAN tagging but can a linux/unix sniffer do this?

Thanks,
Jon