EtherApe is a program which makes it very easy to see, monitor, and inspect all network connections to your computer in Ubuntu, and possibly other Linux distributions.
The EtherApe interface shows you your network connections as labelled circles with lines connecting them. Double clicking any of the labelled circles brings up a small dialog that shows details about that connection.
Among these details are the Internet protocols being used by that connection, uploaded bytes, and downloaded bytes.
To see EtherApe in action watch the video on this page.
Each of the lines connecting the labeled circles will be color coded according to the Internet protocol in use on that connection.
As data transmission occurs on a connection the connection line will swell to a triangle shape with the wide end at the end of the connection which is currently sending the data.
When EtherApe first starts running, all connections will be labelled with their ip addresses, but after it runs for a few minutes the ip addresses get resolved to their domain names which makes it easier to tell what you are connected to.
You can also use EtherApe to replay packet capture sessions from other network monitoring software such as WireShark. Since WireShark does not have such a graphically oriented interface it's interesting to play it's packet capture sessions in EtherApe for a different perspective.
If any of the connections look suspicious to you, you can do a whois search on the domain name to find out more about it. Look for connections that you cannot determine the program responsible for making that connection when you are deciding which ones are suspicious. The use of an unusual protocol by a connection could point out a problem as well, so read up on what the different protocols are for at Wikipedia below.
| http | tcp | udp | ntp | msnp | route | domain | pop3 | smtp | sgmp | ftp |
Most connections shown by EtherApe are easy to determine what they are for, and which program is using them with a little practice.
There are network monitoring programs which give much more detailed information than EtherApe, but for a quick overview of the traffic connecting to your machine EtherApe provides a graphically intuitive interface that makes it easy to get a feel for how much traffic is happening at any point in time.
Like this page? Link to it from your own website; just copy/paste this HTML:Not finding what you're looking for? Try the search box below.
