Many system administrators do not take sufficient steps to protect their server’s network.  In some cases, they install the firewalls and other automated defenses, but they do not take steps to monitor the network the way that they monitor system services, users, and other dedicated serverelements.

To properly ensure your network stays as safe as your applications and server components, you need a good network monitor.  IPTraf is one such solution.  IPTraf provides a wide range of network statistics from the Linux console using a psuedo-graphical interface (ncurses) to display them.  Features include:

  • An IP traffic monitor, including packet and byte counts, OSPF packet types, TCP flag information, and ICMP details.
  • Complete statistics on IP, UDP, non-IP, TCP, and other IP packet counts
  • Service monitoring for TCP and UDP, including counts for each
  • General statistical information about the LAN
  • Protocol filters to hone in on the specific traffic you want to view
  • Relies on the Linux kernel’s built-in raw socket interface to detect and support a wide variety of network cards
  • Provides (and in fact insists upon) a full-screen, menu-driven interface

Beyond security monitoring, IPTraf can help you assess the efficiency of your server and overall network, troubleshoot connection and traffic issues, and keep a watchful eye for internal misuses of the network, which are often just as damaging as external ones.  IPTraf is free and open source software, available for several operating systems, including most major Linux distributions.

By: Tavis J. Hampton