Nfsen: Traffic Classification

Nfsen is open source sensor: it accepts netflow data from multiple netflow probes (servers, routers, vpn concentrators etc) and then visualizes it into human readable form. So using Nfsen you can see traffic statistics of every network device in your network in one place (actually Nfsen provides much more features). By default Nfsen makes it possible to see only inbound and outbound traffic statistics but no protocol breakdown or any traffic […]

Read more →

 

Phone call as Nagios notification

Some time ago I found it pretty useful to configure Nagios monitoring system to send me a phone call in case of some critical problem. If some mission critical application goes down at night most probably you’ll miss an e-mail or sms notifying about that but won’t miss a telephone call to your cell phone. Honestly a telephone call is much more notorious rather than IM message notification or, again, […]

Read more →

 

Linus Torvalds -- The Facts You Didn't Know

Some of you may well be younger than Linux, some of you may have grown up with the OS, and some of you, more ancient ones, may well remember thinking that this stuff is going to ‘blow the bloody doors off’ as Michael Caine put it when you first encountered it. But how about Linus Torvald, the man who wrote the first kernel? Here we’re going to give you an […]

Read more →

 

Install nfdump and nfsen netflow tools in Linux

Using nfsen it is possible to view IP traffic statistics on Linux interfaces including the graphs showing data sent and received (see the screenshot to the right) as well as historical information about all data transfers. So after you’ve configured nfsen and nfdump to monitor traffic on certain Linux server or router you’ll be able to answer the following example questions: What IP was downloading data through 48161 last Wednesday? […]

Read more →

 

Quick Tip: Increase port range available for applications

By default an average Linux distribution allows applications to use the following TCP port range for outgoing connections: 32,786-65,536. That’s why your system can handle up to 28,232 TCP sessions at time. Notice, this is more than enough if your Linux system is installed on the laptop or desktop and you just use it for occasional visits to facebook.com, gmail.com and linuxscrew.com (yeah!). But if you run proxy/webcache like squid […]

Read more →