iftop to the rescue. Today I’ve been having really bad bandwidth and started getting paranoid. Sometimes bad bandwidth can be one of the first real obvious symptoms of a worm or a Denial of Service attack. How do you find out what is going on?
Well one of my favorite little tools in my networking toolbelt is iftop which works just like top but for bandwidth. It shows all the open connections on your network interface and allows you to see their source and destination IPs as well as bandwidth information.
In its simplicity and beauty this allows you like top to see in an instant what is going and where the bandwidth is going.
iftop works on Linux and bsd. I’m guessing that Mac OS/X should work. The main dependency besides curses is libpcap. Under Gentoo linux all you have to do is to:
# emerge iftopOn a related note. All users of PF (the most powerfull firewall in the world) on OpenBSD should install pftop which provides a top like view into the world of PF’s state tables. Very interesting and cool.
This entry was posted in the following Categories: Crypto & Security