Network grep

Thresher

Article from Issue 148/2013

Ngrep is a pattern-matching tool that sorts the wheat from the chaff and doubles as a lightweight packet sniffer.

You might want to inspect your network at a very detailed level for a number of legitimate reasons. Much of the time, it’s to debug an application that’s misbehaving and connecting to a server on the wrong port, or maybe a colleague has noticed a slowdown on a particular network link, and you need to diagnose where the sudden flood of multidirectional traffic is coming from.

On the other hand, you might need to check the exact nature of an attack and perform some real-time forensic diagnostics to circumvent it. Leaving the networking aspects aside for a moment, even an admin solely responsible for systems and not networks (an exceptionally rare remit these days, admittedly) needs a highly functional packet sniffer available at all times. Because systems rely so heavily on connectivity for multifaceted Internet usage, it’s imperative for admins to be able to inspect the contents of the network deeply and interpret the results proficiently.
