How to detect/monitor the hosts/urls being accessed?

Solution 1:

For just watching general traffic destinations, I like using iftop:

sudo iftop

It'll show a live report with speeds, through-put, etc:

                25.0Kb          50.0Kb          75.0Kb          100Kb      125Kb
└───────────────┴───────────────┴───────────────┴───────────────┴───────────────
system.outflux.net         => wildcard-edge-launchpad-n  3.49Kb  3.94Kb  3.94Kb
                           <=                            3.38Kb  10.3Kb  10.3Kb
────────────────────────────────────────────────────────────────────────────────
TX:             cumm:  71.3KB   peak:    154Kb  rates:    154Kb  95.0Kb  95.0Kb
RX:                    47.6KB            126Kb            126Kb  63.4Kb  63.4Kb
TOTAL:                  119KB            280Kb            280Kb   158Kb   158Kb

Note that iftop will choose the first network interface it finds to monitor (usually eth0 for your ethernet cable). If you'd like it to listen to another interface, like your wireless card, you can list valid interfaces with ifconfig, and then call iftop -i [interface_name].

For watching your browser, I recommend the Tamper Data extension for Firefox. Opening its window will show you all the active and historical requests:

enter image description here

Solution 2:

Hmmm, you can set up a http proxy software (like squid) and using that: proxy server will log accesses. Another solution: use netfilter of the linux kernel (with iptables) to log network connections. If you use the ULOG target, with ulogd daemon you can use different log file, LOG will use the kernel log, which is not so nice in my opinion since other messages go there too which are produced by the kernel.

How to detect/monitor the hosts/urls being accessed?

Solution 1:

Solution 2:

Related

Recent Posts