Network Monitor - tcptrack
December 29, 2007 by taufanlubis
Tcptrack is a sniffer program which can be used to monitor the tcp connection on the network. It passively watches for connection on the network interface. It’s similar to ‘top’ command.
Installation
taufanlubis@toshiba:~$ sudo apt-get install tcptrack
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following NEW packages will be installed:
tcptrack
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 39.6kB of archives.
After unpacking 139kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
tcptrack
Install these packages without verification [y/N]? y
Get:1 http://archive.ubuntu.com gutsy/universe tcptrack 1.2.0-1 [39.6kB]
Fetched 39.6kB in 6s (5827B/s)
Selecting previously deselected package tcptrack.
(Reading database … 123337 files and directories currently installed.)
Unpacking tcptrack (from …/tcptrack_1.2.0-1_i386.deb) …
Setting up tcptrack (1.2.0-1) …
taufanlubis@toshiba:~$
How to use it?
The most basic way to run tcptrack.
taufanlubis@toshiba:~$ sudo tcptrack -i eth0
Show web traffic
taufanlubis@toshiba:~$ sudo tcptrack -i eth0 port 80
Only show connection from IP address 10.66.29.121.
taufanlubis@toshiba:~$ tcptrack -i eth0 src or dst 10.66.29.121
You can see the source (client) and destination (server) addresses and ports, connection state, idle time, and band witch usage.
tq pak. menarik nich. baca2 lagi ah
I am necessary wish to find
Actually, you can use it to check if someone try to access your PC.
As you see, Client is on the left (your IP address) and Server is on the right (your server).
The problem is when your IP is suddenly on the right (Server) and the other IP is on the left (Client).
Mean, that your PC is working as a server.
It’s normal when you log on to Chat program like Skype, Yahoo Messenger, etc. It’s point to point connection, so it’s OK.
Except that, you must be aware.