Network grep


Article from Issue 148/2013

Ngrep is a pattern-matching tool that sorts the wheat from the chaff and doubles as a lightweight packet sniffer.

You might want to inspect your network at a very detailed level for a number of legitimate reasons. Much of the time, it’s to debug an application that’s misbehaving and connecting to a server on the wrong port, or maybe a colleague has noticed a slowdown on a particular network link, and you need to diagnose where the sudden flood of multidirectional traffic is coming from.

On the other hand, you might need to check the exact nature of an attack and perform some real-time forensic diagnostics to circumvent it. Leaving the networking aspects aside for a moment, even an admin solely responsible for systems and not networks (an exceptionally rare remit these days, admittedly) needs a highly functional packet sniffer available at all times. Because systems rely so heavily on connectivity for multifaceted Internet usage, it’s imperative for admins to be able to inspect the contents of the network deeply and interpret the results proficiently.


