Monitoring Network Access

30 minutes
  • 2 Learning Objectives

About this Hands-on Lab

Understanding networking concepts is a more advanced concept for most system administrators, but it is essential to being successful. In this activity, the we will use the netcat (`nc`) utility to generate network traffic between two servers and view that traffic’s appearance in a tool called `iptraf-ng`.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install Client Utilities

We’ve got to install the two packages that the team will use to generate and monitor traffic. Let’s use YUM to get it done:

[root@server1]# yum install iptraf-ng nc

Repeat this on the other server:

[root@server2]# yum install iptraf-ng nc
Create the Traffic Log File

On the first server, let’s run iptraf-ng and go under Configure... In the menu, don’t forget this isn’t a menu we control with a mouse — it’s all keyboard. Make sure Logging is toggled to On. Set the log file path to: home/cloud_user/traffic_log.txt. Then go into IP traffic monitor. In the next menu, select eth0. Once we press Enter the logging will start.

Listen for Traffic

Let’s open a second terminal into server1 and run sudo su right off. Once we’re there, we’re going to start netcat listening on post 2525 with this:

[root@server1]# nc -l 2525

Send Some Traffic

Now, let’s start talking. Back in the server2 window we’ve got open, send netcat traffic to server1 with this (where x.x.x.x is the internal IP of server1 that we’ll see on the hands-on lab overview page):

[root@server2]# nc x.x.x.x 2525

We’ll just land at a blinking cursor below the prompt, but we can type a message there and press Enter. Once we do, it will show up back in the window we’re listening in on server1. A bunch of messages sent from server2 would look like this:

[root@server2]# nc x.x.x.x 2525
This is a test

On server1, they would look like this when they arrive:

[root@server1]# nc -l 2525
This is a test

That should be enough traffic for what we’re doing. On server2, press Ctrl + C to kill the nc command we’ve got running and flip back over to the terminal we were running iptraf-ng in. Press x to stop the monitoring and get out, then choose Exit from the main menu.

Examine the Log

On server1, if we run ls /home/cloud_user we should see traffic_log.txt listed in the output. Read that to see if it was capturing what we need:

[root@server1]# less /home/cloud_user/traffic_log.txt

We should see some log entries showing traffic going from server2 to server1 on port 2525.

Additional Resources

During the development of a new Web-based API our team is working on, they have discovered that they are receiving intermittent network disconnects from clients, even when they are local to the network of the server itself.

We have been provided credentials and access information for two CentOS 7 systems in their environment. They have asked for us to install tools that they can use to monitor network traffic between the two systems.

We'll have to install the tools we need and create traffic on port 2525 from server2 to server1. We want to get all network traffic sent to /home/cloud_user/traffic_log.txt.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?