Top 10 Ubuntu Network Tools
Ubuntu is the most popular choice for underlying Operating System due to its ease of use and powerful shell system. Due to more and more network access needed in most of the distributed applications today, the restrictions which need to be applied for network access and monitoring has only increased. In this lesson, we will study the ten most popular Network Tools for Ubuntu OS which can be used to monitor network usage with visualization as well.
Top 10 Ubuntu Network Tools
1. Iftop
This is one of the easiest tools to use for network usage and DNS operations. When it is started on Ubuntu, we get a simple screen like:
We can press “h” and we will be shown help screen for more features:
It is very similar to top utility but specialises in network monitoring and knowing which process is using the network at what IP and what bandwidth are they consuming.
2. Vnstat
Vnstat is another network monitoring utility which is usually included in most of the Linux distributions or can be installed very easily. Like the last utility, it allows us to control the network packets sent and received in a given interval of time which is chosen by the user itself. With vnstat help screen, we can see the following features:
$ vnstat —help
vnStat 1.18 by Teemu Toivola
-q, —query query database
-h, —hours show hours
-d, —days show days
-m, —months show months
-w, —weeks show weeks
-t, —top10 show top10
-s, —short use short output
-u, —update update database
-i, —iface select interface ( default: eth0 )
-?, —help short help
-v, —version show version
-tr, —traffic calculate traffic
-ru, —rateunit swap configured rate unit
-l, —live show transfer rate in real time
See also «—longhelp» for complete options list and «man vnstat» .
As it doesn’t have a fancy GUI, we are showing the console output here:
$ vnstat
Database updated: Mon Sep 10 09: 52 :01 2018
rx: 3.32 TiB tx: 2.81 TiB total: 6.13 TiB
monthly
rx | tx | total | avg. rate
————————+————-+————-+—————
Aug ’18 609.40 GiB | 282.21 GiB | 891.61 GiB | 2.79 Mbit/s
Sep ‘ 18 16.95 GiB | 10.46 GiB | 27.40 GiB | 2.80 Mbit / s
————————+————-+————-+—————
estimated 552.14 GiB | 340.70 GiB | 892.83 GiB |
daily
rx | tx | total | avg. rate
————————+————-+————-+—————
yesterday 19.19 GiB | 8.63 GiB | 27.82 GiB | 2.70 Mbit / s
today 16.95 GiB | 10.46 GiB | 27.40 GiB | 2.80 Mbit / s
————————+————-+————-+—————
estimated 17.81 GiB | 10.99 GiB | 28.80 GiB |
Clearly, it also provides an estimate of the data which will be used at a same rate for the month.
3. Iptraf
Iptraf is another great console-based network monitoring tool for Ubuntu or Linux in general which collects a huge amount of data in terms of IPs which passes through the network with a deep dive in detail like their ICMP flags, TCP faults and byte count. Even a basic interface for the same will look like:
Apart from the packet tracking byte count, we have many more features like:
4. Hping3
Hping3 is a command line utility which is similar to Ping command with a small addition that it can use TCP, UDP, and RAW-IP as transport protocols. The main feature is that it doesn’t only check if a Port or an IP is open but it also measures the round trip time the packet took to come back. For instance, if we need to check if www.google.com has an open port 443 and calculate the round-trip time, we can use the following command:
Here is what we get back with this command:
5. Dstat
Dstat is comparatively a less known network monitoring tool in Linux family. Dstat allows us to display all of our system resources in near real-time, we can eg. compare disk utilization in combination with interrupts from our IDE controller, or compare the network bandwidth numbers directly with the disk throughput (in the same interval).
Find more information here for this tool.
6. Icinga
Icinga is an enterprise-grade tool for network monitoring which also takes care of any suspicious activity on the server and informs configured users like admin about such activities. It has a very nice interactive dashboard which looks like:
It is even possible to try a demo dashboard for this tool. Visit this page for more information.
7. slurm
slurm is a smart and simple network load monitoring tool. It has the following features:
- It provides real-time traffic statistics
- It has three graph modes: combined RX and TX and two split views
- It can monitor any network device
- It curses ASCII graphics
- It has an ASCII theme support
It is an open-source networking tool (look here for the source code). It has a basic interface like:
8. bmon
bmon, which stands for Bandwidth Monitor, is another network monitoring tool with a speciality that it can monitor multiple interface traffic. It also provides information about packets, errors and much more data critical for monitoring. Once installed, here is the list of features it provides for monitoring:
When we start it with a network interface, we will see a simple interface like:
9. Nmap
Nmap is one of the most popular network scanners for common use. The information it can provide includes (but not limited to):
- It can tell what’s running on a given network hosts
- Scan and identify open TCP Ports
- Which OS is running on given IP
- Ping sweeps on an IP subnet
We can -O option for OS detection. Let’s look at an example command we used:
10. Tcpdump
Tcpdump is an excellent tool which goes beyond its scope to provide features like sniffing as well. It can analyze data which is going out of the host and also the data which is arriving on the host. It is possible to intercept the traffic between two hosts with this tool as well (of course you need to have access to those hosts). We first try a command to see what data is going out of our host:
Next, we can also try to sniff traffic going out of a particular port:
Conclusion
In this lesson, we looked at some most popular networking tools in the Ubuntu ecosystem. Even though we might have missed some good tools, please mention them to my Twitter handle which you think should have made the cut @sbmaggarwal or @linuxhint.
About the author
Shubham Aggarwal
I’m a Java EE Engineer with about 4 years of experience in building quality products. I have excellent problem-solving skills in Spring Boot, Hibernate ORM, AWS, Git, Python and I am an emerging Data Scientist.
60 Linux Networking commands and scripts
Recently, I wanted to test network throughput via command line with at least 3 tools. For the life of me, I could not remember iperf . Not being able to remember previously used command line tools is frustrating and something we can all relate to. So I created a go-to list of network tools for myself. Then, I thought, why not turn this list into a blog post? So I spent another hour or two compiling this ongoing list of Linux Networking Commands and Scripts. I look forward mostly to suggestions, because I know there’s always something missing or new scripts out there to try.
Linux Networking commands and scripts
iperf command example/screenshot
This list of Linux Networking commands and scripts will receive ongoing updates:
- aria2 – downloading just about everything. Torrents included.
- arpwatch – Ethernet Activity Monitor.
- bmon – bandwidth monitor and rate estimator.
- bwm-ng – live network bandwidth monitor.
- curl – transferring data with URLs. (or try httpie)
- darkstat – captures network traffic, usage statistics.
- dhclient – Dynamic Host Configuration Protocol Client
- dig – query DNS servers for information.
- dstat – replacement for vmstat, iostat, mpstat, netstat and ifstat.
- ethtool – utility for controlling network drivers and hardware.
- gated – gateway routing daemon.
- host – DNS lookup utility.
- hping – TCP/IP packet assembler/analyzer.
- ibmonitor – shows bandwidth and total data transferred.
- ifstat – report network interfaces bandwidth.
- iftop – display bandwidth usage.
- ip (PDF file) – a command with more features that ifconfig (net-tools).
- iperf3 – network bandwidth measurement tool. (above screenshot Stacklinux VPS)
- iproute2 – collection of utilities for controlling TCP/IP.
- iptables – take control of network traffic.
- IPTraf – An IP Network Monitor.
- iputils – set of small useful utilities for Linux networking.
- iw – a new nl80211 based CLI configuration utility for wireless devices.
- jwhois (whois) – client for the whois service.
- “lsof -i” – reveal information about your network sockets.
- mtr – network diagnostic tool.
- net-tools – utilities include: arp, hostname, ifconfig, netstat, rarp, route, plipconfig, slattach, mii-tool, iptunnel and ipmaddr.
- ncat – improved re-implementation of the venerable netcat.
- netcat – networking utility for reading/writing network connections.
- nethogs – a small ‘net top’ tool.
- Netperf – Network bandwidth Testing.
- netplan – Netplan is a utility for easily configuring networking on a linux system.
- netsniff-ng – Swiss army knife for daily Linux network plumbing.
- netwatch – monitoring Network Connections.
- ngrep – grep applied to the network layer.
- nload – display network usage.
- nmap – network discovery and security auditing.
- nmcli – a command-line tool for controlling NetworkManager and reporting network status.
- nmtui – provides a text interface to configure networking by controlling NetworkManager .
- nslookup – query Internet name servers interactively.
- ping – send icmp echo_request to network hosts.
- route – show / manipulate the IP routing table.
- slurm – network load monitor.
- snort – Network Intrusion Detection and Prevention System.
- smokeping – keeps track of your network latency.
- socat – establishes two bidirectional byte streams and transfers data between them.
- speedometer – Measure and display the rate of data across a network.
- speedtest-cli – test internet bandwidth using speedtest.net
- ss – utility to investigate sockets.
- ssh – secure system administration and file transfers over insecure networks.
- tcpdump – command-line packet analyzer.
- tcptrack – Displays information about tcp connections on a network interface.
- telnet – user interface to the TELNET protocol.
- tracepath – very similar function to traceroute.
- traceroute – print the route packets trace to network host.
- vnStat – network traffic monitor.
- websocat – Connection forwarder from/to web sockets to/from usual sockets, in style of socat.
- wget – retrieving files using HTTP, HTTPS, FTP and FTPS.
- Wireless Tools for Linux – includes iwconfig, iwlist, iwspy, iwpriv and ifrename.
- Wireshark – network protocol analyzer.
- Suggestions welcomed.
Published: January 31st, 2020 | Last updated: April 13th, 2022