• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 224
  • Last Modified:

I have configured server and want to trace the traffic under that IP live...

Hi there,

I have a FileZilla server. I configured the server with its defaults and set the user and credential...

I want to trace the traffic on that IP live...Which tool do you recommend me? (pref. free)

Best regards...
0
jazzIIIlove
Asked:
jazzIIIlove
  • 6
  • 5
3 Solutions
 
RowleyCommented:
http://www.wireshark.org/

There is no better imho.
0
 
jazzIIIloveAuthor Commented:
ok...i installed wireshark...But how am i going to set the remote servers IP? I want to see the traffic in my local machine...So, what am i going to do? How can i set the remote machine's IP in the tool?

Best regards...
0
 
RowleyCommented:
You'll be able to monitor any traffic between your own pc and the remote machine. To analyse network traffic on the server, you'll need to install wireshark on the server.

A filter to view all traffic destined for a particular host, type:

ip_dst_host == "x.x.x.x" where x.x.x.x is the destination ip address.

you can string filters together using "and", for example:

ip_src_host == "x.x.x.x" and ip_dst_host == "x.x.x.x".

Thus endeth this brief tutorial. For more help and information, including manuals and documentation on how to use wireshark, check out:

http://wiki.wireshark.org/
http://www.wireshark.org/docs/
http://www.wireshark.org/lists/

Good paper on it here: http://www.willhackforsushi.com/books/377_eth_2e_06.pdf

Happy reading!
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
jazzIIIloveAuthor Commented:
is it possible to monitor the server by installing a software to my home PC?

I have the IP and credentials of remote server...So isn't that possible to monitor with my localhost?
0
 
RowleyCommented:
Yes, it may be possible.
0
 
jazzIIIloveAuthor Commented:
cool, how...any example?

I raised the point to 500 for this, because it gets complicated...
0
 
RowleyCommented:
...well...what is it exactly you want to monitor?
0
 
jazzIIIloveAuthor Commented:
<<...well...what is it exactly you want to monitor?
Just who downloads what...Any attacks on the machine...There is no SSH server and the connections are insecure so i just want to track it from my home...
0
 
RowleyCommented:
Well...access information is in the access logs. Use a web log analysis tool such as Analog, webalizer, awstats or anything else you might come across.

There are also many free services out there that will monitor http access given a url. One i've used is http://www.siteuptime.com/ . The costs are fairly cheap if you want to subscribe for regular polling.

To provide you with some basic form of protection against attack, use http://www.modsecurity.org module for apache.

Can't really help you any more...stuff like this is well beyond the scope of a forum thread imho.
0
 
jazzIIIloveAuthor Commented:
thanks but i don't need http access...I need ftp access...Any links regarding this?
0
 
jazzIIIloveAuthor Commented:
ok.ok i see the ftp under http://www.siteuptime.com/ .
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now