Archive for December 29th, 2007

Tcptrack is a sniffer that monitors TCP connections on the network. It passively watches for connections on a network interface. Its display is similar to the ‘top’ command.


taufanlubis@toshiba:~$ sudo apt-get install tcptrack

Reading package lists… Done

Building dependency tree

Reading state information… Done

The following NEW packages will be installed:


0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

Need to get 39.6kB of archives.

After unpacking 139kB of additional disk space will be used.

WARNING: The following packages cannot be authenticated!


Install these packages without verification [y/N]? y

Get:1 http://archive.ubuntu.com gutsy/universe tcptrack 1.2.0-1 [39.6kB]

Fetched 39.6kB in 6s (5827B/s)

Selecting previously deselected package tcptrack.

(Reading database … 123337 files and directories currently installed.)

Unpacking tcptrack (from …/tcptrack_1.2.0-1_i386.deb) …

Setting up tcptrack (1.2.0-1) …


How to use it?

The most basic way to run tcptrack.

taufanlubis@toshiba:~$ sudo tcptrack -i eth0

Show web traffic

taufanlubis@toshiba:~$ sudo tcptrack -i eth0 port 80

Show only connections from an IP address

taufanlubis@toshiba:~$ tcptrack -i eth0 src or dst

You can see the source (client) and destination (server) addresses and ports, connection state, idle time, and bandwidth usage.
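The filter arguments shown above (port 80, src or dst) are pcap filter expressions passed to a program running under sudo, so it is worth validating any address or port before it reaches the command line. The helper below is an added example, not part of the original post or of tcptrack itself; the function names are hypothetical and 192.0.2.10 is a constructed documentation address.

```shell
#!/bin/sh
# Added example: build a validated pcap filter string for tcptrack.
# Rejects anything that is not a plain IPv4 address / TCP port, so a value
# such as "-T/tmp/x" or "1.2.3.4 or port 22" never reaches the sudo command.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# valid_port PORT: succeed only for an integer in 1-65535.
valid_port() {
    case "$1" in
        ""|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# tcptrack_filter ADDR [PORT]: print a filter matching traffic to or from
# ADDR, optionally restricted to PORT. Returns 1 on invalid input.
tcptrack_filter() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 1; }
    if [ -n "${2:-}" ]; then
        valid_port "$2" || { echo "invalid port: $2" >&2; return 1; }
        printf 'src or dst %s and port %s\n' "$1" "$2"
    else
        printf 'src or dst %s\n' "$1"
    fi
}

# Usage (constructed address, interface name taken from the post):
#   filter=$(tcptrack_filter 192.0.2.10 80) && sudo tcptrack -i eth0 $filter
```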

