Tcptrack is a sniffer program that monitors TCP connections on the network. It passively watches for connections on a network interface. It is similar to the 'top' command.
taufanlubis@toshiba:~$ sudo apt-get install tcptrack
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 39.6kB of archives.
After unpacking 139kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
Install these packages without verification [y/N]? y
Get:1 http://archive.ubuntu.com gutsy/universe tcptrack 1.2.0-1 [39.6kB]
Fetched 39.6kB in 6s (5827B/s)
Selecting previously deselected package tcptrack.
(Reading database … 123337 files and directories currently installed.)
Unpacking tcptrack (from …/tcptrack_1.2.0-1_i386.deb) …
Setting up tcptrack (1.2.0-1) …
How to use it?
The most basic way to run tcptrack.
taufanlubis@toshiba:~$ sudo tcptrack -i eth0
Show web traffic
taufanlubis@toshiba:~$ sudo tcptrack -i eth0 port 80
Only show connections to or from IP address 10.66.29.121.
taufanlubis@toshiba:~$ sudo tcptrack -i eth0 src or dst 10.66.29.121
You can see the source (client) and destination (server) addresses and ports, connection state, idle time, and bandwidth usage.
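Added example (not part of the original post): the host and port filters shown above can be combined into one expression, and because tcptrack runs as root it is worth validating the address and port before they reach the command line. The function names are hypothetical; `host X` is the pcap shorthand for `src or dst X`.

```shell
#!/bin/sh
# Added example: build a validated pcap filter expression for tcptrack.
# Function names are hypothetical; sample values are the ones used on this page.

# Return 0 if $1 is a dotted-quad IPv4 address with each octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, empty octets
    esac
    rest="$1."
    count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        rest=${rest#*.}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

# Return 0 if $1 is a TCP port number in 1..65535.
is_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print a filter matching one host in either direction, optionally one port.
# Returns 2 and prints nothing on stdout if the input is not acceptable.
build_filter() {
    host=$1
    port=${2:-}
    is_ipv4 "$host" || { echo "bad IPv4 address: $host" >&2; return 2; }
    if [ -n "$port" ]; then
        is_port "$port" || { echo "bad port: $port" >&2; return 2; }
        echo "host $host and port $port"
    else
        echo "host $host"
    fi
}

# Usage (needs root, as in the commands above); the substitution is left
# unquoted on purpose so the validated filter is passed as separate words:
#   filter=$(build_filter 10.66.29.121 80) && sudo tcptrack -i eth0 $filter
```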