There's something called EtherApe, which is a protocol analyser. I don't know whether it will give statistics based on ports.
The iptables log in Linux is a good thing but will churn out a huge amount of data.
Regards, anoop.
From: "Jason Dale" <redhat@xxxxxxxxxxxxx>
Reply-To: psyche-list@xxxxxxxxxx
To: <psyche-list@xxxxxxxxxx>
Subject: Port monitoring activity
Date: Tue, 12 Aug 2003 16:48:30 +0200
Hi all,
I am looking for a standard run-of-the-mill Linux command that functions similarly to '/usr/sbin/mtr' (a network diagnostic tool) except that it can monitor how many network packets get sent to or from a specific port. For example, I would want to know how much traffic gets sent to and from port 25 on eth0, and how many bytes get transferred with each packet. (A nifty way of finding out who is sending chompy emails.)
The command can display a screen, much like mtc, which gets updated in real time and/or at set intervals, showing interface/port activity levels.
I don't know if any of you guys have been hit by the W32.Blaster.Worm yet, but the kind of tool I am talking about will be very useful in finding out what ports have 'unusual' amounts of activity.
Jason.
-- Psyche-list mailing list Psyche-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/psyche-list
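One way to turn the iptables log mentioned in the reply into the per-port packet and byte counts asked for in the question, as an added example that is not part of the original thread. It assumes the lines come from an iptables LOG rule written to the kernel log; the sample lines, addresses and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the KEY=value layout the kernel writes for an iptables LOG rule.
SAMPLE_LOG = """\
Aug 12 16:48:31 gw kernel: IN=eth0 OUT= MAC=00:00:00:00:00:01 SRC=192.0.2.10 DST=192.0.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=40000 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 12 16:48:32 gw kernel: IN=eth0 OUT= MAC=00:00:00:00:00:01 SRC=192.0.2.10 DST=192.0.2.1 LEN=1500 TOS=0x00 PREC=0x00 TTL=64 ID=2 DF PROTO=TCP SPT=40000 DPT=25 WINDOW=5840 RES=0x00 ACK URGP=0
Aug 12 16:48:32 gw kernel: IN= OUT=eth0 SRC=192.0.2.1 DST=192.0.2.10 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=3 DF PROTO=TCP SPT=25 DPT=40000 WINDOW=5840 RES=0x00 ACK URGP=0
Aug 12 16:48:33 gw kernel: IN=eth0 OUT= MAC=00:00:00:00:00:01 SRC=192.0.2.20 DST=192.0.2.1 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=4 PROTO=UDP SPT=1030 DPT=69 LEN=28
Aug 12 16:48:34 gw kernel: IN=eth0 OUT= MAC=00:00:00:00:00:01 SRC=192.0.2.30 DST=192.0.2.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=5 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Aug 12 16:48:35 gw kernel: IN=eth1 OUT= MAC=00:00:00:00:00:02 SRC=198.51.100.5 DST=198.51.100.1 LEN=100 TOS=0x00 PREC=0x00 TTL=64 ID=6 DF PROTO=TCP SPT=41000 DPT=25 WINDOW=5840 RES=0x00 ACK URGP=0
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line):
    """Return the KEY=value fields of one LOG line, keeping the first value of
    each key (UDP lines repeat LEN=; the first one is the IP packet length)."""
    fields = {}
    for key, value in FIELD.findall(line):
        fields.setdefault(key, value)
    return fields

def port_stats(lines, ports, iface="eth0"):
    """Count packets and bytes sent to and from each watched port on iface.
    Returns {(port, "to" | "from"): (packets, bytes)}."""
    stats = defaultdict(lambda: [0, 0])
    for line in lines:
        f = parse_line(line)
        if iface not in (f.get("IN"), f.get("OUT")):
            continue  # packet did not cross the interface of interest
        try:
            length, spt, dpt = int(f["LEN"]), int(f["SPT"]), int(f["DPT"])
        except (KeyError, ValueError):
            continue  # no port fields (e.g. ICMP) or a truncated line
        for direction, port in (("to", dpt), ("from", spt)):
            if port in ports:
                stats[(port, direction)][0] += 1
                stats[(port, direction)][1] += length
    return {key: tuple(value) for key, value in stats.items()}

if __name__ == "__main__":
    for (port, direction), (pkts, nbytes) in sorted(port_stats(SAMPLE_LOG.splitlines(), {25, 69}).items()):
        print(f"{direction:>4} port {port:<5} packets={pkts:<4} bytes={nbytes:<6} avg={nbytes / pkts:.0f}")
```

Feeding it only the lines for the ports being watched, rather than everything the LOG rule emits, keeps the volume the reply warns about manageable.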