Monitor Network Traffic with Tcpick

From BubbaWiki

Tcpick is a very nice tool to monitor network traffic on a LAN.

It shows all packets in real time in a colorized format, which is easier on the eyes than tcpdump output.

Install tcpick:

apt-get install tcpick

Look for port 80 HTTP traffic:

tcpick -i br0 -C -yP -h "port 80"

Look for port 25 SMTP traffic:

tcpick -i br0 -C -yP -h "port 25"

Look for MSN Traffic:

tcpick -i br0 -C -yP -h "port 1863"

Filter on one specific host and log the output in real time (you can also redirect with >> instead of using the tee command):

tcpick -i br0 -C -yP -h "port 1863 and host 192.168.10.68" | tee /tmp/messenlog_host_192.168.10.68.txt

Filter on one specific host and log the output in the background (beware: the logs can take up a lot of space):

nohup tcpick -i br0 -C -yP -h "port 1863 and host 192.168.10.68" >> /tmp/messenlog_host_192.168.10.68.txt 2>&1 &

To stop:

killall tcpick
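
One way to keep the background log from filling the disk, as an added example that is not part of the original page: a shell function that tcpick output is piped into instead of tee or >>. The function name rotate_log, its arguments and the size limits are assumptions chosen for illustration; the log path is the one used above.

```shell
#!/bin/sh
# Added example: size-capped, rotating log writer for piped tcpick output.
#
# rotate_log FILE MAX_BYTES KEEP
#   Appends stdin to FILE line by line. When FILE reaches MAX_BYTES it is
#   rotated to FILE.1 (FILE.1 -> FILE.2, ...) and only KEEP old files are
#   kept, so disk use stays near MAX_BYTES * (KEEP + 1).
#
# Hypothetical usage (10 MiB per file, 3 old files), after sourcing this file:
#   tcpick -i br0 -C -yP -h "port 1863 and host 192.168.10.68" \
#     | rotate_log /tmp/messenlog_host_192.168.10.68.txt 10485760 3 &
rotate_log() (
    # Body runs in a subshell, so umask and variables stay local.
    log=$1
    max=$2
    keep=$3

    # -yP writes captured payloads; make the log files owner-only.
    umask 077
    : >> "$log"

    while IFS= read -r line; do
        printf '%s\n' "$line" >> "$log"
        # Arithmetic expansion strips padding that some wc versions print.
        size=$(($(wc -c < "$log")))
        if [ "$size" -ge "$max" ]; then
            # Drop the oldest file, then shift the rest up by one.
            i=$keep
            rm -f "$log.$i"
            while [ "$i" -gt 1 ]; do
                prev=$((i - 1))
                [ -f "$log.$prev" ] && mv "$log.$prev" "$log.$i"
                i=$prev
            done
            mv "$log" "$log.1"
            : > "$log"
        fi
    done
)
```

The size check runs once per line, which is simple but slow on busy links; raise MAX_BYTES rather than KEEP if rotation happens too often.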