|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] What's the best utility to find source of outbound net traffic?
|
In the message dated: Mon, 22 May 2006 23:52:20 EDT,
The pithy ruminations from "Greg Helledy" on
<Re: [PLUG] What's the best utility to find source of outbound net traffic?> we
re:
I'd look at ntop (http://www.ntop.org/). Unlike lsof, ntop can show more than a
snapshot in time...it's great at understanding network flows, rather than ports
that are open at the moment.
=>
=> >
=> > lsof -Pai (as root)
=>
[SNIP!]
=>
=> Also, the disk chatters every few seconds. A sensor applied to the disk
=> produces this:
=> May 22 23:43:30 localhost disk/8:0/total: 0
=> May 22 23:43:32 localhost disk/8:0/total: 0
[SNIP!]
=> May 22 23:44:18 localhost disk/8:0/total: 25
=>
=>
=> Apparently KSysGuard cannot provide any info on what processes are causing
=> the udp packets and disk activity on a system which should be idle. Are
=> there any more powerful tools for linux which can track specific disk I/O
=> calls?
Hmmmm...interesting question. Under Solaris, I'd recommend dtrace, but I don't
think there's anything similar for Linux.
Do you really think this is a problem? There are many processes (notably the
kernel pdflush or bdflush & kupdated daemons, the smartmon "Self-Monitoring,
Analysis and Reporting Technology System" disk tools, etc.) that periodically do
minimal disk activity.
=>
=>
=> --
=> Privileged/Confidential information may be contained in this message.
=> If you are not the addressee indicated in this message (or responsible
=> for delivery of the message to such person), you may not copy or deliver
=> this message to anyone. In such case, you should destroy this message
=> and notify GRA, Inc. (postmaster@gra-inc.com) immediately. Please advise
=> immediately if you or your employer do not consent to Internet e-mail
=> for messages of this kind. Opinions, conclusions and other information
=> expressed in this message are not given or endorsed by GRA, Inc. unless
=> otherwise indicated by an authorized representative independent of this
=> message.
Yet another absurd disclaimer on a message sent to a public mailing list.
=>
-----
Mark Bergman Biker, Rock Climber, Unix mechanic, IATSE #1 Stagehand
http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=bergman%40merctech.com
I want a newsgroup with a infinite S/N ratio! Now taking CFV on:
rec.motorcycles.stagehands.pet-bird-owners.pinballers.unix-supporters
15+ So Far--Want to join? Check out: http://www.panix.com/~bergman
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|