Monitoring Network Activity on Linux

In Linux, you can use various tools and commands to monitor network activity. Here are some commonly used methods:

1. iftop:
   • iftop is a real-time console-based network bandwidth monitoring tool. It shows a list of network connections and their corresponding bandwidth usage.
   sudo iftop

2. nload:
   • nload provides a visual representation of incoming and outgoing traffic separately. It also displays a graph for easy interpretation.
   sudo nload

3. iftop:
   • Similar to iftop, iptraf provides a variety of statistics about IP traffic on a network. It includes information about the size of each packet, its source and destination, and more.
   sudo iptraf

4. netstat:
   • The netstat command displays various network-related information, including active connections, listening ports, and routing tables.
   netstat -a

5. ss:
   • Similar to netstat, the ss command provides socket statistics, displaying information about active connections and listening ports.
   ss -a

6. tcpdump:
   • tcpdump is a packet analyzer that allows you to capture and display network packets. It’s a powerful tool for detailed network traffic analysis.
   sudo tcpdump -i <interface>

7. Wireshark:
   • Wireshark is a graphical packet capture and analysis tool. It provides an in-depth analysis of network traffic and is useful for troubleshooting and security analysis.
   sudo wireshark

8. sar:
   • The sar command (System Activity Reporter) provides various system-related statistics, including network-related metrics. Install it if not already available.
   sudo apt-get install sysstat sar -n DEV 1

9. ss:
   • The ss command can also be used for more advanced filtering and display options to show detailed information about network sockets.
   ss -t

10. iftop:
    • Customize iftop with filters to focus on specific network connections or protocols.
    sudo iftop -f <filter_expression>

Choose the tool that best suits your needs based on the level of detail and real-time monitoring you require. Combine these tools to get a comprehensive view of your Linux system’s network activity.