“A few years back, I used an old 486 running Red Hat Linux and
tcpdump to easily diagnose a client’s denial-of-service attack,
illustrating the benefits of creating a powerful network analysis
tool from ‘scrap’ parts. There are plenty of tools to build a
similar Windows-based network analyzer, but Linux can run on
machines that can’t efficiently run Windows.

“I will now show you how to test the system and install libcap,
a package that grabs network packet data; tcpdump, a basic but
crucial sniffer package that displays that data sequentially; and
iptraf, which presents trends and summaries of the data…”