How to find source and targhet of data transmissions
Mike Marchywka
marchywka at hotmail.com
Sat Mar 2 11:51:00 UTC 2019
>
>________________________________________
>From: ubuntu-users <ubuntu-users-bounces at lists.ubuntu.com> on behalf of Karl Auer <kauer at biplane.com.au>
>Sent: Saturday, March 2, 2019 6:18 AM
>To: Ubuntu user technical support, not for general discussions
>Subject: Re: How to find source and targhet of data transmissions
>
>On Sat, 2019-03-02 at 18:33 +0800, Bret Busby wrote:
>> For the past few minutes, the System Monitor shows data being
>> downloaded, that I have not authorised, and about 300-500 kB/s.
>>
>> How do I find where the data is originating, and, what is downloading
>> it?
>
>If it's arriving at your computer, you know the target.
>
>To find the source, install and run wireshark on your system. When it
>starts, select the primary interface on your system and click the blue
>fin at top left to start capturing packets. After it's been capturing
>data for a few minutes, click the red square to stop capturing. Then
Depending on the situation, you may not have enough resources
left to launch a new GUI etc. For routine monitoring that is probably
great. If you need to select one interface though that could
make it a longer process. Another approach is just to run
tcpdump., grep the headers and "sort | uniq -c | sort -g"
>use the "Statistics" feature to list top talkers. Go to Statistics ->
>Endpoints and click on the IPv4 tab. You can then click on the column
>headings to order the list in various ways. For example, click on "RX
>Bytes" to order by data volume received.
>
>If you are using IPv6, also check the IPv6 tab...
>
>Remember the values in the columns related to the addresses in the
>leftmost column. Your own address will probably be the one that sends
>and receives most, so you are really looking for the next chattiest :-)
>
>Regards, K.
>
>--
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>Karl Auer (kauer at biplane.com.au)
>http://www.biplane.com.au/kauer
>http://twitter.com/kauer389
>
>GPG fingerprint: A0CD 28F0 10BE FC21 C57C 67C1 19A6 83A4 9B0B 1D75
>Old fingerprint: A52E F6B9 708B 51C4 85E6 1634 0571 ADF9 3C1C 6A3A
>
>
>
>--
>ubuntu-users mailing list
>ubuntu-users at lists.ubuntu.com
>Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
note new address
Mike Marchywka 306 Charles Cox Drive Canton, GA 30115
2295 Collinworth Drive Marietta GA 30062. formerly 487 Salem Woods Drive Marietta GA 30067 404-788-1216 (C)<- leave message 989-348-4796 (P)<- emergency
More information about the ubuntu-users
mailing list