wiki:AdminGuides/Tcpdump

Monitoring Network Interfaces

To get information about traffic coming into or going out of your Linux machine, there are several useful commands available.

tcpdump

The tcpdump command prints all packets received/sent by your server. Example:

tcpdump -n

will start printing live network traffic on screen. To stop it, press Ctrl+C.

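If you want to see only a particular protocol, for example SIP (the -l option makes tcpdump's output line-buffered, so matching lines reach grep as they are captured):

tcpdump -n -l | grep SIP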

Once you have detected unwanted activity from some IP address, you can block it with the iptables command.
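
The workflow above as an added example (not part of the original wiki page): it counts SIP packets per IPv4 source in `tcpdump -n` output and prints, without running them, iptables rules for sources at or above a threshold. The sample capture lines, the function names and the server address 192.0.2.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example: count SIP packets per IPv4 source in `tcpdump -n` output and
# print (never run) iptables rules for sources at or above a threshold.

# Constructed sample of `tcpdump -n` lines, using documentation address ranges.
sample_capture() {
cat <<'EOF'
12:00:01.000001 IP 203.0.113.7.5060 > 192.0.2.10.5060: SIP: REGISTER sip:192.0.2.10 SIP/2.0
12:00:01.000420 IP 192.0.2.10.5060 > 203.0.113.7.5060: SIP: SIP/2.0 401 Unauthorized
12:00:01.100001 IP 203.0.113.7.5060 > 192.0.2.10.5060: SIP: REGISTER sip:192.0.2.10 SIP/2.0
12:00:01.100420 IP 192.0.2.10.5060 > 203.0.113.7.5060: SIP: SIP/2.0 401 Unauthorized
12:00:01.200001 IP 203.0.113.7.5060 > 192.0.2.10.5060: SIP: REGISTER sip:192.0.2.10 SIP/2.0
12:00:01.200420 IP 192.0.2.10.5060 > 203.0.113.7.5060: SIP: SIP/2.0 401 Unauthorized
12:00:02.000000 IP 198.51.100.23.5060 > 192.0.2.10.5060: SIP: INVITE sip:100@192.0.2.10 SIP/2.0
12:00:04.000000 IP 198.51.100.23.51514 > 192.0.2.10.22: Flags [S], seq 1, win 64240, length 0
EOF
}

# Reads tcpdump -n lines on stdin; prints "count ip", highest count first.
sip_sources() {
    awk '$2 == "IP" && /SIP/ {
             src = $3
             sub(/\.[0-9]+$/, "", src)            # drop the trailing .port
             if (src ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) n[src]++
         }
         END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# $1 = minimum packet count; $2 = this server's own address, which is never
# blocked: its SIP replies also match "SIP" and show up as a busy source.
block_rules() {
    sip_sources | awk -v min="$1" -v self="$2" \
        '$1 >= min && $2 != self { print "iptables -I INPUT -s " $2 " -j DROP" }'
}

# Print candidate rules for review.
sample_capture | block_rules 3 192.0.2.10
```

On a live host, the same functions can read from `tcpdump -n -l` instead of the sample; review the printed rules before applying any of them.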

Last modified on Mar 11, 2011, 4:48:14 PM