Tuesday, January 3, 2012

Useful Network tools for Linux

Here are some free, open-source, and useful network tools for Linux:

1) tcpdump is a common packet analyzer that runs from the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. It is distributed under the BSD license. The tcpdump command has a lot of advanced features, most of which revolve around filtering and finding a needle in a haystack of packets. If you run tcpdump on a remote machine, your screen will be flooded with all the ssh traffic between your client and the remote machine. To get started without having to learn too much about how tcpdump filtering works, run the following command:

sudo tcpdump | grep -v ssh
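
The grep above hides every output line that mentions ssh, and only after the packets have been captured and printed. As an added example (not from the original post), the functions below build a tcpdump capture filter that excludes only your own SSH session, so the flood never reaches the screen. The function names are hypothetical, and the code assumes OpenSSH has set SSH_CONNECTION for the login session.

```shell
# Added example, not part of the original post. POSIX sh.

# Print a tcpdump (BPF) filter that excludes only the current SSH session.
# Argument 1 (optional): a string in SSH_CONNECTION format,
#   "client_ip client_port server_ip server_port"
# It defaults to $SSH_CONNECTION, which OpenSSH's sshd sets at login.
# The body runs in a subshell, so "exit" only ends the function.
ssh_exclude_filter() (
    conn="${1-${SSH_CONNECTION-}}"
    # Local console, no SSH session: nothing to exclude.
    [ -n "$conn" ] || { echo ""; exit 0; }
    set -f              # no filename globbing while splitting the string
    set -- $conn
    [ "$#" -eq 4 ] || { echo "unexpected SSH_CONNECTION: $conn" >&2; exit 1; }
    # Ports must be purely numeric before they go into a filter expression.
    case "$2$4" in
        *[!0-9]*) echo "non-numeric port in: $conn" >&2; exit 1 ;;
    esac
    # Addresses may contain only hex digits, dots and colons (IPv4/IPv6).
    case "$1$3" in
        *[!0-9A-Fa-f.:]*) echo "unexpected address in: $conn" >&2; exit 1 ;;
    esac
    echo "not (tcp and host $1 and port $2 and host $3 and port $4)"
)

# Capture on interface $1 with this session excluded at capture time.
# The filter is computed before sudo runs, because sudo may not pass
# SSH_CONNECTION through to the elevated process.
# -l line-buffers the output; -n skips name lookups, which would
# otherwise generate DNS traffic of their own.
capture_without_ssh() {
    filter=$(ssh_exclude_filter) || return 1
    sudo tcpdump -l -n -i "$1" ${filter:+"$filter"}
}

# Usage, after sourcing this file (interface name is an example):
#   capture_without_ssh eth0
```

Other SSH connections on the machine stay visible in the capture, which the grep approach would also have hidden.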

2) Wireshark is a GUI packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues. To use it, type wireshark on your command line. Wireshark is a very powerful packet sniffer that rivals the best commercial tools.

3) Nmap (Network Mapper) is a network security scanner. Nmap sends specially crafted packets to the target host and then analyzes the responses. Unlike many simple port scanners that just send packets at some predefined constant rate, Nmap accounts for network conditions (latency fluctuations, network congestion, the target's interference with the scan) during the run.
Here’s how to do a basic host scan with nmap:

sudo nmap <target-host>
Scan ports on computer at

To get maximum verbosity from nmap, use the -vv option:

sudo nmap -vv <target-host>
Show maximum verbosity from nmap output

To use nmap to scan an entire network, use the network address as an argument. In the following example, we add the -sP option to tell nmap to perform a simple ping sweep:

sudo nmap -vv -sP <network-address>
Scan hosts on an entire network
