4

Open Source Linux network analyzer

Which are there? What features do they offer?

Martin K.
  • 750

11 Answers

22

What exactly do you need?

  • wireshark - network sniffer/analyzer
  • iftop - bandwidth usage
  • darkstat - traffic analyzer
  • nmap - network port scanner
  • nessus - vulnerability scanner
  • metasploit - penetration testing
ko-dos
  • 1,397
5

Can't believe nobody mentioned tcpdump. Click on the link to see the list of features.

dmityugov
  • 756
4

ntop is a solution that has been around for a while and can be extended with plugins. Here is a short how-to.

Kyle Brandt
  • 85,693
3

Wireshark (formerly Ethereal) is my favorite.

James
  • 407
3

A few more:

  • lanmap2 - sits quietly on a network and builds a picture of what it sees.
  • kismet - wireless sniffer
  • nikto - web server scanner
  • nast - another network sniffer/analyzer
1

A missing tool from the list is ettercap, a text-based tool to analyse a subnet and perform active or passive scans of the subnet. It can also monitor packets and display streams.

1

If you need a network traffic analyzer you can use tshark (it's the console version of wireshark).

0

MRTG for nice pretty pictures and graphs (management p0rn) via SNMP monitoring. Does everything I need, but if you don't list your requirements it's quite hard to guess what you want.

MattB
  • 116
0

p0f - passive OS fingerprinting (http://lcamtuf.coredump.cx/p0f.shtml)

martineg
  • 150
0

For reconnaissance / mostly real-time analysis:

  • tshark - text-only version of wireshark when tcpdump is too cryptic.
  • httpry - simple nice passive http protocol sniffer.
  • ngrep - displays payload of selected traffic
pQd
  • 30,537
0

If you need a network intrusion IDS/IPS tool, Snort is one such open source tool.

fpmurphy
  • 841