Results 1 to 7 of 7

Thread: iptraf not working

  1. #1
    Join Date
    Mar 2007
    Posts
    21

    Default iptraf not working

    Hi
    2 days ago, some bastard has found a way to upload some scripts in my /tmp folder, and after that he started an UDP flood from my server. Now I have a fresh OS, a better configured firewall, but I'm still worried because I'm not sure if I'm safe.

    I have decided to use a different "upload_tmp_dir" for each domain in order to find out the site that permitted script uploading.

    It would be great if I could make iptraf working but I couldn't. It doesn't see anything on venet0. Any alternative for this?

    Also any advice would be great.
    Thanks

  2. #2
    Join Date
    Jul 2009
    Location
    New York
    Posts
    465

    Default

    this is an interesting question because iptraf is a kernel level sniffing program. Some say it works and some say it doesn't in ve's.

    You can specify the interface using iptraf -u or iptraf -i and see if it works that way.

    If that doesn't seem to work than you have to find something else. I can't think of one at the moment however.
    Happily on a Link3. Feel free to request a refferal code that takes a 10% lifetime discount off your hosting.
    Please open a SUPPORT TICKET AND CALL vpslink to resolve your vpslink problems FIRST
    I am a CUSTOMER Only. Any vpslink issues should be directed to Matt@VPSLink and/or Michael@VPSLink

  3. #3
    Join Date
    Jun 2008
    Posts
    232

    Default

    Quote Originally Posted by Cwewmpz View Post
    If that doesn't seem to work than you have to find something else. I can't think of one at the moment however.
    How about tcpdump?

  4. #4
    Join Date
    Mar 2007
    Posts
    21

    Default

    tcpdump capture everything, but the screen is scroling like in Matrix movie. I can't figure out how to group packets by ip or port.

  5. #5
    Join Date
    Jul 2009
    Location
    New York
    Posts
    465

    Default

    trafshow is usable on venet0
    Happily on a Link3. Feel free to request a refferal code that takes a 10% lifetime discount off your hosting.
    Please open a SUPPORT TICKET AND CALL vpslink to resolve your vpslink problems FIRST
    I am a CUSTOMER Only. Any vpslink issues should be directed to Matt@VPSLink and/or Michael@VPSLink

  6. #6
    Join Date
    Jun 2008
    Posts
    232

    Default

    Quote Originally Posted by costy81gl View Post
    tcpdump capture everything, but the screen is scroling like in Matrix movie. I can't figure out how to group packets by ip or port.
    google is your friend.

    For example an excerpt from one hit Notes on the use of TCPDump:
    Quote Originally Posted by Alastair Matthews
    Source and Destination addresses and Ports

    To capture packets to or from particuar groups or hosts a range of expression can be used, here are some example.

    To capture all traffic with host churchward as source or destination address

    tcpdump host churchward

    To capture all traffic with the tcp or udp, source or destination port number 53

    tcpdump port 53

    To capture all traffic with the source address churchward

    tcpdump src host churchward

    To capture all trafffic with the destination tcp or udp port 53

    tcpdump dst port 53

    To capture all TCP traffic with the source address churchward

    tcpdump tcp src host churchward

    To capture all trafffic with the destination udp port 53

    tcpdump udp dst port 53

  7. #7
    Join Date
    Jul 2009
    Location
    New York
    Posts
    465

    Default

    this thread is closed due to spam. Please Private Message me if there is a reason you wish to add to this thread. Thank you.
    Happily on a Link3. Feel free to request a refferal code that takes a 10% lifetime discount off your hosting.
    Please open a SUPPORT TICKET AND CALL vpslink to resolve your vpslink problems FIRST
    I am a CUSTOMER Only. Any vpslink issues should be directed to Matt@VPSLink and/or Michael@VPSLink

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •