Mick wrote:
I have found a program called Etheral(?) which seems to monitor traffic. Is there any other way to know what process, software, etc. are active / transmitting data while I'm surfing the internet?
Ethereal is a packet sniffer. It's essentially tcpdump redone with a GUI and better packet decoding. You can use it wherever you use tcpdump. Like tcpdump, it only decodes the packets; it doesn't analyse them. So it's really only a tool for protocol-heads.
Ethereal only tells you what traffic hits the wire. You don't know about services which are listening for a connection. "netstat -a -p" shows everything using or waiting for a connection on that machine. You can use SNMP's TCP-MIB if you need to monitor the connections on a remote machine.

Some packages analyse packets. Snort analyses packets to see if a machine compromise is being attempted.

There are yet to be packages to analyse network performance. The Web100 project (http://www.web100.org/) is well down this path but you won't see that in user tools for some years. Give it a go if you are comfortable with kernel patching and rebuilding.

Cheers,
Glen
(occasional contributor to tcpdump, Ethereal and Web100)

--
Glen Turner
(08) 8303 3936 or +61 8 8303 3936
Australian Academic and Research Network
www.aarnet.edu.au

--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
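An added example, not part of the original post: the reply's distinction between traffic on the wire and sockets waiting for a connection, shown by decoding the Linux socket table in /proc/net/tcp and mapping socket inodes to PIDs. It assumes Linux, IPv4 and a little-endian host; the sample table and all function names are constructed for illustration.

```python
import os
import socket
import struct

TCP_STATES = {"01": "ESTABLISHED", "06": "TIME_WAIT", "0A": "LISTEN"}  # subset of kernel codes

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0 100 0 0 10 0
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1 0 100 0 0 10 0
   2: 0A00000A:C350 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1003 1 0 20 4 30 10 -1
"""

def decode_endpoint(field):
    """Turn '0100007F:0277' into ('127.0.0.1', 631); assumes a little-endian host."""
    addr_hex, port_hex = field.split(":")
    return socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16))), int(port_hex, 16)

def parse_proc_net_tcp(text):
    """Return one dict per socket: local, remote, state, inode."""
    rows = []
    for f in (line.split() for line in text.splitlines()[1:]):  # skip header
        if len(f) >= 10:                                         # skip short lines
            rows.append({"local": decode_endpoint(f[1]), "remote": decode_endpoint(f[2]),
                         "state": TCP_STATES.get(f[3], f[3]), "inode": int(f[9])})
    return rows

def listeners(rows):  # idle listeners put no packets on the wire for a sniffer to see
    return [r for r in rows if r["state"] == "LISTEN"]

def inode_to_pid():
    """Map socket inode -> PID via /proc/<pid>/fd (needs root for other users' processes)."""
    owners = {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            for fd in os.listdir(f"/proc/{pid}/fd"):
                target = os.readlink(f"/proc/{pid}/fd/{fd}")
                if target.startswith("socket:["):
                    owners[int(target[8:-1])] = int(pid)
        except OSError:
            continue                            # process exited or access denied
    return owners

if __name__ == "__main__":
    live = os.path.exists("/proc/net/tcp")
    owners = inode_to_pid() if live else {}
    for r in parse_proc_net_tcp(open("/proc/net/tcp").read() if live else SAMPLE):
        print(r["state"], r["local"], r["remote"], "pid", owners.get(r["inode"], "-"))
```

Run as an unprivileged user, the PID column is filled in only for that user's own processes.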
