    Use Wireshark to capture and analyse packets

    This one is probably aimed more at the geekier end of the market, but it is an application well worth covering.

    There are many reasons why you might want to capture the raw network traffic that is entering and leaving your system. This can be for diagnostic purposes when something has gone wrong, finding out if there's a rogue program on your network, or if you're just curious about what communications are going on.

    Wireshark (formerly Ethereal) is one of the best-known free software packet capture and analysis tools available. It is cross-platform, and runs on Windows, Linux, Mac OS X and many other Unix-like operating systems.

    A basic capture can be started by clicking the leftmost button on the toolbar and then selecting your primary network interface and clicking Start.

    Wireshark Interface list

    From that point on, Wireshark will capture all of the packets that are entering and leaving that interface. You can now get to work as normal, or do some action and come back and analyse the results later.

    Wireshark analysis interface

    The analysis interface allows you to filter the packets by many criteria, including protocol, source and destination, as well as many more powerful filters. You can then deconstruct what is going on by looking at the hex view or, for supported protocols, by looking at the data (such as the HTTP conversation in the screenshot above).

    Packet dumps can then be saved to disk in libpcap format, and reopened in Wireshark or another program that supports the format.
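
To show what a saved dump contains and what filtering by protocol, source and destination amounts to, here is an added example (not from the original article or the Wireshark project) that parses the classic libpcap file layout and filters its IPv4 packets. It assumes an Ethernet capture and does not handle pcapng; the function names and the sample capture are constructed for illustration.

```python
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4          # classic libpcap, microsecond timestamps
LINKTYPE_ETHERNET = 1
PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}

def read_pcap(data):
    """Yield (ts_sec, frame_bytes) for each record in a classic libpcap file."""
    for endian in ("<", ">"):    # the magic number reveals the writer's byte order
        if len(data) >= 24 and struct.unpack(endian + "I", data[:4])[0] == PCAP_MAGIC:
            break
    else:
        raise ValueError("not a classic libpcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet captures are handled here")
    off = 24                     # records follow the 24-byte global header
    while off + 16 <= len(data):
        ts_sec, _, incl_len, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        if off + incl_len > len(data):   # never trust a length field blindly
            raise ValueError("truncated or corrupt record")
        yield ts_sec, data[off:off + incl_len]
        off += incl_len

def summarize(frame):
    """Return (proto, src, dst) for an IPv4-over-Ethernet frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    return (PROTO_NAMES.get(ip[9], str(ip[9])),
            socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20]))

def filter_packets(data, proto=None, src=None, dst=None):
    """Keep packets matching every criterion given (None matches anything)."""
    rows = ((ts, summarize(f)) for ts, f in read_pcap(data))
    return [(ts,) + s for ts, s in rows
            if s and proto in (None, s[0]) and src in (None, s[1]) and dst in (None, s[2])]

def sample_capture():
    """Constructed three-packet capture using documentation addresses."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    pkts = [(6, "192.0.2.10", "198.51.100.5"), (17, "192.0.2.10", "203.0.113.53"),
            (6, "198.51.100.5", "192.0.2.10")]
    for i, (p, s, d) in enumerate(pkts):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, p, 0,  # checksum left 0
                         socket.inet_aton(s), socket.inet_aton(d))
        frame = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01" + b"\x08\x00" + ip
        out += struct.pack("<IIII", 1000 + i, 0, len(frame), len(frame)) + frame
    return out
```

Calling `filter_packets(sample_capture(), proto="tcp")` returns the two TCP packets; pass the bytes of a real `.pcap` file in place of `sample_capture()` to run it against your own dump.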

    Packet analysis isn't for the faint of heart, or for those who don't have some understanding of TCP/IP and other networking concepts. If you do like to delve a little deeper into what's going on network-wise, however, Wireshark is an invaluable tool and one of the best programs in its class.


    KNetStats

    KNetStats is a really simple network monitoring application for KDE.

    You launch it, and it sits around in your system tray waiting for some network action. Much like the little network widget in Windows that sits in the system tray, the little computer icons light up to show incoming and outgoing traffic. In KNetStats' case, they flash green.

    In addition to this, you can click the icon to bring up a statistics window that looks something like this:

    KNetStats screenshot

    You can also use the details tab to view basic information about your network connection, like the IP address and MAC address of your machine.

    To be honest, there's not that much additional commentary I can make on KNetStats. There's nothing particularly special about it or any amazing features that stand out from the crowd. However, if you like having the visual feedback of what's going on with your network in your system tray, or want to monitor your network usage, KNetStats is a very lightweight application to do just that job.