Packet Sniffer, tcptrack


Here comes another good packet sniffer. After you have learned about packet sniffers like netstat etc in your Red Hat Linux Training.


Tcptrack is a sniffer which displays information about TCP connections it sees on a network interface. It passively watches for connections on the network interface, keeps track of their state and displays a list of connections in a manner similar to the unix ‘top’ command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.

Installing it on ubuntu is straight¬†forward, just use –

sudo apt-get install tcptrack

For RHEL users, you can download the tcptrack from this link –

Now once installed it is very easy to use. To start with it just give the command – tcptrack -i eth0

You can change eth0 with the interface you want to monitor with tcptrack.

You can also use tcptrack to monitor a specific type of traffic like, you can give – tcptrack -i eth0 port 80

to monitor web traffic. Please refer the man pages of tcptrack to dig more and to learn more.

Here is a small illustration of tcptrack from my machine.

packet sniffer tcptrack

packet sniffer tcptrack