Security and Intrusions

NoOp glgxg at
Thu Jan 15 05:59:41 UTC 2009

On 01/14/2009 08:59 PM, Ray Parrish wrote:
> Chris Mohler wrote:

>> The 'etherape' program will show you a graphic real-time display of
>> LAN usage.  Also, the 'mtr' command can help determine a bottleneck
>> outside of your LAN.
>> I think there's a bug int he etherape package - if you run it from the
>> menu it cannot open any interaces.  You have to either run it via sudo
>> in a terminal (sudo etherape), or edit the menu item and make the
>> command 'gksudo etherape' instead of just 'etherape'.
>> HTH,
>> Chris
> You guys rock! I'm now using etherape, and it has gone a long way 
> towards relieving my mind on what is connected to my computer. I am also 
> surprised at the number of servers one web page will use to serve up a 
> page sometimes.

Keep in mind that etherape captures to memory, so the longer you run it
the more memory it consumes. However, you can use tcpdump to dump the
data to a file for a brief while, then replay the data in etherape. See:
[Reading from files and remote networks]


So, for example:

sudo tcpdump -n -w test

will write the dump file to 'test'. You can then open up etherape and
File|Open and select the 'test' file & etherape will replay the events
from that file.

Side note: If you ssh into your kid's computer, run tcpdump (assuming
you have an account there with sudo capability), copy the file & play it
back for him/her in etherape and you can show them 'graphically' what
they connected to over a period of time. Obviously more fun than just
showing them router logs...

More information about the ubuntu-users mailing list