[GLLUG] tcpdump

Mike Rambo mrambo at lsd.k12.mi.us
Mon Aug 15 07:23:47 EDT 2016


On 08/13/2016 04:13 PM, Chick Tower wrote:
> I upgraded to the new Slackware (14.2), and it has a newer version of Firefox (45.3.0, after one
> upgrade).  I'm on dial-up, and as soon as I fire up Firefox the modem lights start flashing away,
> and my effective modem speed seems to be at least halved.  So, in addition to trying other, less
> "chatty" browsers, I wanted to try and analyze the traffic to see if I could block it or modify Firefox
> to stop it.
>
> Has anyone used tcpdump?  I was looking at wireshark, but it said it was a graphical version of
> tcpdump, and tcpdump is already installed. However, when I run it, even according to the examples,
> it doesn't catch anything at all.  I've tried the following commands, as root:
>
> tcpdump host <myhostname>
> tcpdump -v host <myhostname>
> tcpdump -v host <myfullyqualifiedhostname>
> tcpdump -v host localhost
>
> Does anyone have any tips?

You could also take a look at iftop. It doesn't appear that it is always packaged by all the 
distributions but it isn't tough to get installed and works pretty well. On a firewall device it 
will allow you to see exactly which places devices on your net are communicating with and if you 
set promiscuous mode it'll do the same thing even if the device is not a router/firewall. For a 
single machine, as in your case, it should work just like the firewall case. Just pick the correct 
interface to monitor so you don't have to sort it out manually.
