Network Monitoring Tools


Cricket is a high-performance tool for visualizing and monitoring network traffic. It uses SNMP to gather link information from the hiseasnet router, querying each of the interfaces currently in use on the routers at five-minute intervals.



Other useful tools


  • If you ssh into a computer and want to use tcpdump to view traffic, exclude ssh (port 22) so your own session does not fill the capture
             tcpdump -i eth0 -n 'not port 22'
  • Capture traffic leaving a host
             tcpdump -pi eth0 src host [hostname]
  • Watch for traffic leaving one network and entering two other networks (group the destinations in parentheses; tcpdump gives "and" and "or" equal precedence)
             tcpdump -pi eth0 'src net [network] and (dst net [network2] or dst net [network3])'
             tcpdump -pi eth0 src net and dst or 192.168.12/24


  • To see what computers are up, what OS they are running and what ports are open:
    	nmap -sS -O [network]    ie: nmap -sS -O


  • To look at HTTPS traffic on the science network:
           iftop -i eth2 -f "dst port 443"


  • iperf needs a server (listener) and a client (sender)
         On shore, just listen
             iperf -s -u
         On shore, listen on a certain port
             iperf -s -u -p 55437
         From ship, send UDP at 7 Mbit/s for 120 seconds
             iperf -c [shoreip number] -u -t 120 -b 7M


  • mtr (my traceroute) shows packet loss and transit times for each hop. If mtr consistently shows greater than 5 percent packet loss and a long transit time on the same router, there are probably problems.
          * view in real time
            mtr -c100 [hostname]
          * save to a file
            mtr -r -c100 [hostname] >> mtr.txt
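
An added example, not part of the original page: a shell function that reads the reports appended to mtr.txt and lists the hops that broke both limits in every report. The 5 percent loss limit comes from the text above; the 800 ms average-latency default, the function names and the sample reports (constructed, using documentation-range addresses) are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page). Reads one or more `mtr -r`
# reports on stdin and lists hops that broke both limits in every report.
# Usage: flag_bad_hops [MAX_LOSS_PCT] [MAX_AVG_MS] < mtr.txt
# The 800 ms default is an assumption; set it to suit your own link.
flag_bad_hops() {
    awk -v max_loss="${1:-5}" -v max_avg="${2:-800}" '
        /^HOST:/ { reports++; next }          # one HOST: header per report
        $1 ~ /^[0-9]+\./ && NF >= 6 {         # hop line: "2." or "2.|--"
            loss = $3; sub(/%/, "", loss)     # "8.0%" -> 8.0
            if (loss + 0 > max_loss + 0 && $6 + 0 > max_avg + 0) bad[$2]++
        }
        END {
            # "consistently" is taken here to mean: bad in every report read
            for (h in bad)
                if (bad[h] == reports) print h, bad[h] "/" reports
        }
    ' | sort
}

# Constructed sample: two appended reports with made-up values.
sample_mtr_reports() {
cat <<'EOF'
Start: Thu Apr 10 12:00:00 2008
HOST: ship                        Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.0.2.1                  0.0%   100    0.4   0.5   0.3   1.1   0.1
  2.|-- 198.51.100.7               8.0%   100  910.2 880.4 700.1 990.9  55.0
  3.|-- 203.0.113.9                9.0%   100  915.0 890.2 710.4 995.0  52.3
Start: Thu Apr 10 12:10:00 2008
HOST: ship                        Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.0.2.1                  0.0%   100    0.4   0.5   0.3   1.0   0.1
  2.|-- 198.51.100.7               7.0%   100  905.0 870.3 690.0 980.2  50.1
  3.|-- 203.0.113.9                0.0%   100  642.0 640.8 630.1 660.0   4.0
EOF
}

# Hop 2 is bad in both reports; hop 3 only in the first, so it is not listed.
sample_mtr_reports | flag_bad_hops
```

Run it against real data with `flag_bad_hops < mtr.txt`; the two optional arguments override the loss and latency limits.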

    lstolp April 2008