6

Is there a way to see ALL the traffic? from which process with the REAL NAME is accessing to which IP with the REAL NAME at which bitrate?

When I say real name I am referring something like this:

midori@mycomputer  >>> h**p://askubuntu.com/questions/291494/gui-tool-for-monitoring-traffic  ~ 4 kbps / 2 kpbs

I have a home network with two computer, one is sharing its WiFi connection to a public hotspot and a I'm becoming paranoid because I have seen some huge traffic to a LIGHTWARE NETWORK website.

I have tried, iftop, nethogs, jnettop and none of them have been useful or I was unable to get the information that I want.

Oli
  • 299,380
user166641
  • 61
  • 1
  • 1
  • 2

2 Answers2

7

I would recommend using ntop for getting a basic,long term overview of network conversations. You can install this by running the following command:

sudo apt-get install ntop

Once installed, go to 

http://localhost:3000/

to view the traffic conversations to determine what is talking with your machine.

If you really want to dive down into the details of your network traffic, Install wireshark.

Community
  • 1
Kevin Bowen
  • 20,055
  • 57
  • 82
  • 84
0

As far as I know, there isn't something that can just do all of this in one go so first off, I'd use a tool to find out which application was using all the bandwidth (nethogs) or find out where the traffic was going and what type it was (iftop).

For most people, this is illustrative enough. If you know the port the traffic is on, you can usually identify the protocol and program. That's when most people remember they have Samba turned on sharing their media with the rest of the network and that's why there's so much bandwidth.

If you're still clueless after finding out the type of traffic, you can then use packet inspection to look at what's going on. Use something like WireShark to monitor the traffic. You can filter based on the type of traffic and that's when you can extract GET requests (if it's HTTP traffic) and see what sites are being loaded. If it's something else, you'll likely see headers that better identify the traffic type.

Oli
  • 299,380