Monitor Network Traffic on Ubuntu 22.04 with Sniffnet | Best Monitoring

This tutorial will guide you through the process of installing and using Sniffnet, a powerful network monitoring tool, on Ubuntu 22.04. Sniffnet, written in Rust, offers real-time insights into your system’s internet traffic and provides a range of helpful features for analysis and troubleshooting. With Monitor Network Traffic on Ubuntu 22.04 with Sniffnet, you can gain valuable visibility into your network activity.

Sniffnet features include:

• Real-time Network Monitoring: Observe network connections and traffic in real-time.
• Traffic Analysis: Analyze traffic patterns and identify potential bottlenecks.
• Protocol Identification: Identify the protocols used by different network connections.
• Geographic Location: Determine the geographic location of IP addresses.
• Detailed Connection Information: Access detailed information about each network connection.
• Customizable Filters: Filter network traffic based on various criteria.
• User-Friendly Interface: Enjoy a clean and intuitive user interface.

To Monitor Network Traffic on Ubuntu 22.04 with Sniffnet, ensure you have access to an Ubuntu 22.04 server with either root or sudo privileges. If you need assistance with initial server setup, refer to a guide on Initial Server Setup with Ubuntu 22.04.

Now, let’s walk through the steps to Monitor Network Traffic on Ubuntu 22.04 with Sniffnet.

Step 1 – How To Install Sniffnet on Ubuntu 22.04?

First, update and upgrade your system packages:

apt update && apt upgrade -y

Next, install the necessary dependencies for Sniffnet:

apt install libpcap-dev -y

Visit the GitHub Sniffnet Release page and download the latest Deb package using the wget command:

wget https://github.com/GyulyVGC/sniffnet/releases/download/v1.2.1/Sniffnet_LinuxDEB_amd64.deb

Once the download is complete, install the Sniffnet Deb package:

dpkg -i Sniffnet_LinuxDEB_amd64.deb

Note: If you are a non-root user, grant Sniffnet the necessary capabilities to inspect network adapters:

sudo setcap cap_net_raw,cap_net_admin=eip <your/Sniffnet/executable/path>

Step 2 – How To Access Sniffnet Network Traffic Monitoring Tool?

Launch Sniffnet from the terminal:

sniffnet

This command will open the Sniffnet dashboard.

Step 3 – Start Monitoring Network Traffic on Ubuntu 22.04 with Sniffnet

Upon the first launch, select the network adapter, filters, and application protocol.

Select eth0, both filters, and all application protocols. Click the rocket button to start monitoring.

Sniffnet displays current network connections and a traffic rate graph.

For detailed network connection information, click the “Inspect” tab.

This view provides IP addresses, packet counts, data volume, originating country, and other details.

Click the “Arrow file icon” for a full text-based report. Clicking any IP address displays detailed connection information.

Access the Settings section by clicking the “Settings” icon in the top right corner to customize notifications, themes, and language preferences.

Conclusion

You have successfully installed and learned to use Sniffnet to Monitor Network Traffic on Ubuntu 22.04 with Sniffnet. Sniffnet allows you to monitor network connections in real-time, display network connection reports, and inspect individual network connections.

Alternative Solutions for Network Traffic Monitoring

While Sniffnet offers a user-friendly GUI for network traffic monitoring, several command-line tools provide powerful alternatives for analyzing network traffic on Ubuntu 22.04. These tools can be particularly useful for scripting, automation, and remote server environments where a GUI is not available. Here are two alternative approaches:

1. Using tcpdump

tcpdump is a widely used command-line packet analyzer. It captures network traffic and allows you to filter and analyze packets based on various criteria. It is an incredibly powerful tool, though it requires understanding of network protocols and packet structures.

Explanation:

tcpdump works by listening to network interfaces and capturing packets that match specified filters. You can filter traffic based on source or destination IP address, port number, protocol (TCP, UDP, ICMP), and more. The output can be displayed in a human-readable format or saved to a file for later analysis.

Code Example:

To capture traffic on interface eth0 and display it in the terminal, use:

sudo tcpdump -i eth0

To capture only HTTP traffic (port 80) on eth0, use:

sudo tcpdump -i eth0 port 80

To save the captured traffic to a file named capture.pcap, use:

sudo tcpdump -i eth0 -w capture.pcap

You can then analyze the capture.pcap file using tcpdump or other packet analysis tools like Wireshark. This allows for offline analysis and reporting.

2. Using iftop

iftop is a real-time network traffic monitor that displays a table of current network connections, showing the bandwidth usage for each connection. It’s an excellent tool for quickly identifying which hosts are consuming the most bandwidth.

Explanation:

iftop analyzes network traffic and displays a list of the top network connections, sorted by bandwidth usage. It shows the source and destination IP addresses, port numbers, and the current and historical bandwidth usage for each connection. This provides a quick overview of network activity and helps identify bandwidth hogs.

Code Example:

First, install iftop:

sudo apt update
sudo apt install iftop

Then, run iftop on the eth0 interface:

sudo iftop -i eth0

iftop will display a real-time table of network connections and their bandwidth usage. Use the keyboard shortcuts (e.g., h for help) to customize the display and filter the traffic.

By using these alternative methods, you can gain a deeper understanding of your network traffic and troubleshoot network issues effectively. These command-line tools provide flexibility and power, complementing GUI-based tools like Sniffnet and offering a broader range of options for network monitoring on Ubuntu 22.04.