Network traffic analyzers for Ubuntu System
Install Darkstat in Ubuntu
sudo apt-get install darkstat
This will complete the installation.Once you finish the installation you need to edit the the file located at /etc/darkstat/init.cfg
sudo gedit /etc/darkstat/init.cfg
# Turn this to yes when you have configured the options below.
Now you need to start the darkstat using the following command
sudo /etc/init.d/darkstat start
This will start the darkstat process
Now if you want to see your network stats go to http://youripaddress:666
Here you can see some of the screenshots for darkstat
Once you open the http://youripaddress:666 you should see the following screen
Hosts screen you can see all the machines which take part in the communication. These can be arranged by the caused traffic or their particular IP address.
Ports Screen you can see the port numbers which are used by server and client applications. You can immediately recognize the port numbers which are used by the following daemons: 666 (darkstat), 80 (http)
Protocols Screen protocols ICMP,TCP,IGP and UDP for the file transmission, which were involved in the communication event.
Graphs Screen screen shot shows a summary of the collected time periods as graphs
This tool is really useful if you want to check your ubuntu system traffic details like incoming and outgoing ports and communication to outside world
There are other tools which you can use as follows
Wireshark (Old Name Ethereal)
Wireshark® is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.
If you want to install wireshark in ubuntu use the following command
For Ubuntu Edgy users
sudo apt-get install Wireshark
For Ubuntu Dapper Users
sudo apt-get install ethereal
If you want to open go to Applications--->Internet--->Wireshark (If you want run as root select root option)
Once it opens you should see the following screen
If you want to see the available interfaces for capture click on the icon bottom of the file tool option
Capture Network Interface eth0 details
Wireshark Version Details
EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, ip and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display.
It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.
If you want to install Etherape in ubuntu use the following command
sudo apt-get install etherape
If you want to open go to Applications--->Internet--->EtherApe(as root)
Once it open the application you can see the network activity with all the protocols and locations
Console-based ethernet statistics monitor.Ethstatus is a console-based monitoring utility for displaying statistical data of the ethernet interface on a quantity basis. It is similar to iptraf but is meant to run as a permanent console task to monitor the network load.
Install Ethstatus in Ubuntu
sudo apt-get install ethstatus
If you want to see your your network card status from command line just enter the following command
you should see the following screen with all the details
IP Flow Monitor.This is a console utility which will listen on an interface using libpcap, aggregate the traffic into flows and display the top (as many as can fit on your screen) flows with their average throughput. A flow is identified ip protocol, source ip, source port, destination ip, destination port, and type of service flag.
Install potion in ubuntu
sudo apt-get install potion
This will complete the installation
potion [options] interface [expression]
potion -a eth0 1