Packet Sniffer, tcptrack


Here comes another good packet sniffer. After you have learned about packet sniffers like netstat etc in your Red Hat Linux Training.


Tcptrack is a sniffer which displays information about TCP connections it sees on a network interface. It passively watches for connections on the network interface, keeps track of their state and displays a list of connections in a manner similar to the unix ‘top’ command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.

Installing it on ubuntu is straight forward, just use –

sudo apt-get install tcptrack

For RHEL users, you can download the tcptrack from this link –

Now once installed it is very easy to use. To start with it just give the command – tcptrack -i eth0

You can change eth0 with the interface you want to monitor with tcptrack.

You can also use tcptrack to monitor a specific type of traffic like, you can give – tcptrack -i eth0 port 80

to monitor web traffic. Please refer the man pages of tcptrack to dig more and to learn more.

Here is a small illustration of tcptrack from my machine.

packet sniffer tcptrack

packet sniffer tcptrack