On Tue, 12 Aug 2003, Jason Dale wrote:

> Hi all,
>
> I am looking for a standard run-of-the-mill Linux command
> that functions similarly to '/usr/sbin/mtr' (a network diagnostic
> tool) except can monitor how many network packets get sent
> to or from a specific port. For example, I would want to know
> how much traffic gets sent to and from port 25 on eth0, and how
> many bytes get transferred with each packet. (A nifty way of finding
> out who is sending chompy emails).
>
> The command can display a screen, much like mtc, which gets
> updated realtime and/or at set intervals, showing interface/port
> activity levels.
>
> I don't know if any of you guys have been hit by the
> W32.Blaster.Worm yet, but the kind of tool I am talking about will
> be very useful in finding out what ports have 'unusual' amounts
> of activity.

You might want to look at snort. It is real good at looking for "bad traffic".
It can be a pita to set up but.....

--
......Tom
Registered Linux User #14522 http://counter.li.org
tdiehl@xxxxxxxxxxxx
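Added example, not part of the original thread: a small Python tally of packets and payload bytes per local port, of the kind the question asks for on port 25. The `tcpdump -nn -q` line format, the sample lines, the addresses and the function name `per_port` are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the style of `tcpdump -i eth0 -nn -q` output
# (assumed line format; addresses are documentation ranges, not real traffic).
SAMPLE = """\
12:00:01.000001 IP 192.0.2.10.40112 > 198.51.100.5.25: tcp 1460
12:00:01.000950 IP 198.51.100.5.25 > 192.0.2.10.40112: tcp 0
12:00:01.002100 IP 192.0.2.10.40112 > 198.51.100.5.25: tcp 540
12:00:02.100000 IP 203.0.113.7.3312 > 198.51.100.5.135: tcp 0
12:00:02.100400 IP 203.0.113.8.3313 > 198.51.100.5.135: tcp 0
12:00:03.000000 IP 192.0.2.10.5353 > 198.51.100.5.53: UDP, length 44
12:00:04.000000 ARP, Request who-has 198.51.100.5 tell 198.51.100.1, length 28
"""

# Matches "IP src.sport > dst.dport: tcp N" and "...: UDP, length N".
LINE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): "
    r"(?:tcp |UDP, length )(?P<len>\d+)"
)


def per_port(lines, local_ip):
    """Tally packets and payload bytes per port on local_ip, by direction."""
    stats = defaultdict(
        lambda: {"in_pkts": 0, "in_bytes": 0, "out_pkts": 0, "out_bytes": 0}
    )
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue  # non-IP or unparsed lines (e.g. ARP) are skipped
        size = int(m["len"])  # payload length, not bytes on the wire
        if m["dst"] == local_ip:
            entry = stats[int(m["dport"])]
            entry["in_pkts"] += 1
            entry["in_bytes"] += size
        elif m["src"] == local_ip:
            entry = stats[int(m["sport"])]
            entry["out_pkts"] += 1
            entry["out_bytes"] += size
    return dict(stats)


if __name__ == "__main__":
    for port, s in sorted(per_port(SAMPLE.splitlines(), "198.51.100.5").items()):
        print(port, s)
```

Feeding it live capture output line by line instead of `SAMPLE` gives a running per-port count; ports with many packets but zero payload bytes stand out in the result.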