The Daily Static
  The Daily Static
UF Archives
Register
UF Membership
Ad Free Site
Postcards
Community
Geekfinder
UFie Gear
Advertise on UF
Forum Rules
& FAQ

Username

Password


Create a New Account

  
 

Back to UserFriendly Strip Comments Index
(Off Topic?) Calling all Coders! (Long) by chuckab 2006-11-19 12:55:59
I'm looking for a utility that I can have running on my "hole-in-wall" system (and perhaps on my Smoothwall Linux-based firewall?) that monitors connections to other computer systems.

My vision: A display that dynamically changes as connections are set up and torn down giving information such as source and destination system(s) (names and IPs?) with application(s) and port(s) used. Now I can see someone making a display that effectively reads the logs as they're being created looking for such entries and displaying them, but I'm looking for something that puts up an entry when a connection is being built, stays visible as long as the connection exists and disappears when the connection is dropped. An additional feature might be a log that shows the connection, setup time, tear-down time, source, destination (with names if available), application(s) and port(s) used.

ANALOGX has a utility (NetStat Live) that monitors line speed that indicates that something is happening and GRC's Zone Alarm will show what program is connecting to the internet, but I can't find anything that shows the actual connection as it occurs. Yes, there are packet logging systems where you can analyze the logs to see PAST connections, but I'm looking for something reasonably close to "real-time" so I can see what my system is either connecting to or allowing connections from.

The reason I ask is a couple of days ago, I came home and noticed that my cable modem was showing some pretty steady activity. NetStat Live indicated that there was some pretty steady traffic on my TCP/IP link. Therefore, I cranked up Zone Alarm and discovered that another AnalogX utility (Atomic Time Sync) was continuously communicating with something. Now this program is only supposed to connect to a time server for a few seconds - just long enough to verify the current time and then drop the connection. Apparently, something got stuck and there was a continuous connection. It would have been nice to see just what system was on the other end of the connection!
Well, I killed the time sync program and the data stream stopped. I restarted it and it didn't resume the continuous connection.

Ah well.

Any ideas?
[ Reply ]
  ItCan.Net Monitor 1.0 by Geoffrey2002-02-14 09:28:37
    Yes, you guessed right by chuckab2002-02-14 10:30:47
    Nice program! by chuckab2002-02-14 12:22:32
  Look into SNMP monitors. by slamlander2002-02-14 10:24:50
  ipfilter and ipfstat by KarlE2002-02-14 12:50:24

 

[Todays Cartoon Discussion] [News Index]

Come get yer ARS (Account Registration System) Source Code here!
All images, characters, content and text are copyrighted and trademarks of J.D. Frazer except where other ownership applies. Don't do bad things, we have lawyers.
UserFriendly.Org and its operators are not liable for comments or content posted by its visitors, and will cheerfully assist the lawful authorities in hunting down script-kiddies, spammers and other net scum. And if you're really bad, we'll call your mom. (We're not kidding, we've done it before.)