Get Future ITKB Cheat Sheets

Receive new DNS, phishing, incident response, and security investigation cheat sheets as they publish. Newsletter only โ€” no site account required. Unsubscribe anytime.

    Network monitoring involves tracking and analyzing network traffic at OSI layers 2 to 4, providing insight into various communication activities across the network protocol stack.

    Here are Linux-based network monitoring tools, categorized by the OSI layer they operate on ๐Ÿ˜Ž๐Ÿ‘†

    Follow @dan_nanni to learn Linux with him

    OSI Layer

    Some Commands can work with many different layers of the OSI Model

    • tcpdump/tshark: Capture Packets and analyze their Layer-2/3/4 header
    • Wireshark: gui counterpart of tcpdump/tshark
    • nmap: scan remote hosts and discover their Layer-2/3/4 services
    • Zabbix: comprehensive monitor for network, servers and apps across layer-2/3/4
    • EtherApe: gui-based network monitor featuring link, IP & TCP mode
    • ntopng: web-based real-time traffic monitor

    Layer-4 Transport Layer

    • ss/netstat: tcp/udp connection stats
    • iperf: measure bottleneck bandwidth
    • netperf: measure Bandwidth/latency
    • nc: read/write to/from network connection
    • tcptrack: troubleshoot tcp-specific issues
    • lsof: check process ownership of tcp/udp
    • ngrep: analyze payloud with layer-4 filter

    Layer-3 Network Layer

    • traceroute: discover routing path to a host
    • ping: test IP-level network connectivity
    • mtr: combine traceroute and ping
    • iftop: measure IP-level throughput
    • ip addr: check layer-3 configuration
    • ip -s route: check routing rules and stats
    • nethog: monitor per-process bw usage

    Layer-2 Data Link Layer

    • ip -s link: show link status & rx/tx/err stats
    • arp: check arp table and neighbor info
    • ethtool: link status, speed & nic settings
    • brctl: show fdb/stp status of linux bridge
    • iwconfig: show wireless link status & stats
    • iwlist: display available wireless networks

    Conclusion

    The Linux commands Dan outlined can be utilized for monitoring network performance and troubleshooting issues on multiple layers of the OSI model.
    Using these tools can help you gain deeper insights on your network’s behavior, detect bottlenecks, and resolve connectivity problems. You can even use these commands just to get a better understanding of how networking works! Try it out today!


    Check out more!


    Credit for this post goes to Dan Nanni.

    Check out more from Dan_nanni: dan_nanni | Instagram | Linktree

    For more articles on Networking Check out:
    Dominate Your Network: The Ultimate Guide to Unmanaged vs Managed Switches

    Interested in security?
    Secure Your Data with Encryption & MFA: Elevate Cybersecurity Game for Ultimate Protection

    Interested in your making your own post?

    Submit Your Own Article