Etherape Introduction

Introduction

[Etherape]

is a graphical network monitoring tool that shows nodes on a network organised in a circle and any traffic as a link between the two parties.

Looking at the picture on the right, it shows all of the computers that have sent data on the network within the last 60 seconds (by default), after which they're removed from the display. It also shows a number of connections between computers, where the size of the line is proportional to the amount of data being transferred.

In this particular case, the computer 192.168.30.125 is receiving a large amount of data from btr0x2.rz.uni-bayreuth.de as the node is far larger at the end sending the data. Also, the computers DELTAPI and peterm.local are both broadcasting for SMB purposes.

The colours of the lines indicates the protocol being used, against the key along the left hand side, e.g. red is HTTP.

 

Installing/running

Etherape is packaged in both Debian/Ubuntu and Fedora.

 # apt-get install etherape
 # yum install etherape

To run it, simply run etherape as root (sudo etherape). It will track any data flowing through your computer, including if it runs as a router.

Spotting problems

Tags: