Linux primer for networkers: Using the sniffer

01.05.2006
In my previous article, I discussed how to set up a basic Linux system for network professionals using a computer that others may consider obsolete.

A few years back, I used an old 486 running Red Hat Linux and tcpdump to easily diagnose a client's denial-of-service attack, illustrating the benefits of creating a powerful network analysis tool from "scrap" parts. There are plenty of tools to build a similar Windows-based network analyzer, but Linux can run on machines that can't efficiently run Windows.

I will now show you how to test the system and install libpcap, the packet-capture library that tcpdump and most other Unix sniffers use to read raw packets off the interface; tcpdump, a basic but crucial sniffer that prints each captured packet in sequence; and iptraf, which presents trends and summaries of the traffic.

Because your system will be used as a remote machine for data gathering and performance testing, ensuring network connectivity is critical. As part of the Linux distribution installation, the Secure Shell daemon (sshd) should have been enabled. This is the program that lets you log into the machine and execute commands on it over the network, so it is also the path you will depend on when the box sits in a wiring closet. A daemon is roughly what Windows calls a service: a background process that is started at boot or started and stopped by root from the command line.

Get root and check ssh

Log into the machine as the account created during the installation, and then become root (the administrative account) by typing su root and entering the root password. If sshd is running, TCP port 22 is open and listening for connections. Check it with netstat -an | grep ':22 ' rather than a bare grep 22: the bare pattern also matches port 2222, any process ID or address that happens to contain the digits 22, and so on, whereas the anchored pattern produces just the line showing the machine in the LISTEN state on port 22. Also check that the process itself is running. Typing ps ax | grep sshd prints the process ID and the full path of the sshd binary (for example /usr/sbin/sshd). You will usually get a second line of output showing the grep process you just ran; that line is not sshd. For more information on these or any other commands, simply type man followed by the command name.
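The two checks above, written as small shell functions that filter netstat and ps output more strictly than a bare grep for "22". This is an added example, not code from the original article. It runs against constructed sample output embedded in the script (the port 2222 listener and the PIDs are invented to show the false positive); the check_live_sshd function assumes netstat and ps are installed, as they were on a 2006-era distribution.

```shell
#!/bin/sh
# Added example: tighter checks for the sshd listening socket and process.
# "netstat -an | grep 22" also matches port 2222, PIDs or addresses containing
# "22"; these functions anchor on the exact port and on the command name.

# Constructed sample of `netstat -lnt` output. Assumption: something listens on
# tcp/2222 and nothing on tcp/22, to show why the loose grep misleads.
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN'

# Constructed sample of `ps ax` output (PIDs invented).
SAMPLE_PS='  PID TTY      STAT   TIME COMMAND
    1 ?        Ss     0:01 init [3]
 1234 ?        Ss     0:00 /usr/sbin/sshd
 2345 pts/0    S+     0:00 grep sshd'

# Count LISTEN sockets bound to exactly TCP port $1 in netstat output on stdin.
# ":PORT" must be followed by whitespace, so 2222 does not match a search for 22.
listeners_on_port() {
    grep -E "^tcp6?[[:space:]].*:$1[[:space:]].*LISTEN" | wc -l | tr -d ' '
}

# Print PIDs of processes whose command (5th column of `ps ax`) is sshd,
# which excludes the "grep sshd" line that a plain grep would also show.
sshd_pids() {
    awk '$5 ~ /(^|\/)sshd$/ { print $1 }'
}

# Live check on the local machine (assumes netstat and ps are present).
check_live_sshd() {
    echo "listeners on tcp/22: $(netstat -lnt 2>/dev/null | listeners_on_port 22)"
    echo "sshd PIDs: $(ps ax | sshd_pids | tr '\n' ' ')"
}

# Demonstration on the constructed samples:
printf '%s\n' "$SAMPLE_NETSTAT" | grep -c 22                 # 1: loose grep "finds" port 22
printf '%s\n' "$SAMPLE_NETSTAT" | listeners_on_port 22       # 0: nothing actually on tcp/22
printf '%s\n' "$SAMPLE_NETSTAT" | listeners_on_port 2222     # 1: the port the loose grep matched
printf '%s\n' "$SAMPLE_PS" | sshd_pids                       # 1234, without the grep line
```

On a real machine, run check_live_sshd as root after su; a count of 0 on tcp/22 with no sshd PID means the daemon is not running, and a count of 0 with a PID present usually means sshd was configured to listen on another port or address.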