Network Monitoring Tools
Cricket is a high-performance network tool that can be used to help visualize and monitor network traffic. SNMP is used to gather link information from the hiseasnet router. SNMP queries each of the interfaces currently in use on the routers at five-minute intervals.
Other useful tools
If you are logged in to a computer over ssh and want to use tcpdump to view traffic, ssh (port 22) can be excluded so that your own session does not fill the capture:
tcpdump -i eth0 -n 'port!22'
Capture traffic leaving a host
tcpdump -pi eth0 src host [hostname]
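Watch for traffic leaving one network and entering either of two other networks. The parentheses are needed because tcpdump gives "and" and "or" equal precedence and evaluates them left to right; without them, anything going to the last network would match regardless of source.
tcpdump -pi eth0 'src net [network] and (dst net [network2] or dst net [network3])'
tcpdump -pi eth0 'src net 18.104.22.168/28 and (dst net 192.168.11.0/24 or dst net 192.168.12.0/24)'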
To see which computers are up, what OS they are running and which ports are open:
nmap -sS -O [network]
e.g. nmap -sS -O 192.168.11.0/24
To look at https traffic on the science network:
iftop -i eth2 -f "dst port 443"
iperf measures throughput between two hosts. You need to set up a server (listener) and a client (sender).
On shore, just listen:
iperf -s -u
On shore, listen on a certain port:
iperf -s -u -p 55437
From the ship, send UDP at 7 Mbit/s for 120 seconds:
iperf -c [shoreip number] -u -t 120 -b 7M
mtr (my traceroute) is used to see packet loss and transit times. If mtr consistently shows greater than 5 percent packet loss and a long transit time on the same router, there are probably problems.
* view in real time
mtr -c100 oreilly.com
* save to a file
mtr -r -c100 oreilly.com >> mtr.txt
lstolp April 2008
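
Added example (not part of the original page): a shell function that applies the mtr rule of thumb above to a saved `mtr -r` report, flagging any hop whose loss exceeds 5 percent and whose average time is also high. The 200 ms default for "long transit time", the function names and the sample report are assumptions constructed for illustration.

```shell
#!/bin/sh
# flag_bad_hops REPORT [LOSS_MAX_PERCENT] [AVG_MAX_MS]
# REPORT is a file written by `mtr -r` (or "-" for stdin).
# LOSS_MAX defaults to 5, the page's rule of thumb. AVG_MAX defaults to
# 200 ms, an assumed value; tune it per link (satellite paths run higher).
flag_bad_hops() {
    awk -v loss_max="${2:-5}" -v avg_max="${3:-200}" '
        # Hop lines look like: "  2.|-- 198.51.100.9  12.0%  100  812.4  790.3 ..."
        # Fields: hop marker, host, Loss%, Snt, Last, Avg, Best, Wrst, StDev
        $1 ~ /^[0-9]+\.\|--$/ {
            hop = $1; sub(/\.\|--$/, "", hop)
            host = $2
            if (host == "???") next      # router never answered; nothing to judge
            loss = $3; sub(/%$/, "", loss)
            avg = $6
            # Both conditions must hold on the same hop
            if (loss + 0 > loss_max && avg + 0 > avg_max)
                printf "hop %d %s loss=%s%% avg=%sms\n", hop, host, loss, avg
        }
    ' "$1"
}

# Constructed sample report (documentation addresses, not real measurements).
sample_report() {
    cat <<'EOF'
Start: 2008-04-01T12:00:00+0000
HOST: ship-gw                     Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.0.2.1                  0.0%   100    0.6   0.7   0.5   1.9   0.2
  2.|-- 198.51.100.9              12.0%   100  812.4 790.3 640.2 990.8  71.5
  3.|-- ???                       100.0   100    0.0   0.0   0.0   0.0   0.0
  4.|-- 203.0.113.20               8.0%   100   35.2  41.0  30.1  88.7   9.4
  5.|-- 203.0.113.80               0.0%   100  650.9 655.2 640.0 702.3  11.0
EOF
}

# Demo run on the constructed sample: only hop 2 is both lossy and slow.
sample_report | flag_bad_hops -
```

Because the page appends each run to mtr.txt with `>>`, running `flag_bad_hops mtr.txt` covers every saved report, and a router that is flagged in run after run is the consistent case described above.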