Network Benchmarking and Troubleshooting
For Network Benchmarking and Monitoring we will be discussing two user-friendly tools namely.
- Nmon
- Monitorix
- Darkstat
Nmon is a computer performance system monitor and network benchmarking tool for Linux operating systems. It can display various information such as CPU, Disks, Resources, Virtual memory, Network, etc. Run the following command to install nmon tool.
$ sudo apt install nmon
or
$ aptitude update && aptitude install nmon
Execute the below command to run nmon tool.
$ nmon
Nmon can be used to monitor the network traffic in real-time to prevent unnecessary network loads and look out for threats.
2. Monitorix
Monitorix is a GUI-based utility tool that can be used to monitor both system resources as well as network bandwidth. Monitorix is a lightweight but powerful tool that can display and track usage stats and network traffic data. It is ideal for small to medium scaled networks. Monitorix supports both IPV4 and IPV6 connections and also displays packet traffic graphs. They support an unlimited number of devices in a single network. Install Monitorix using the following command.
$ sudo apt install monitorix
Monitorix comes with a default configuration file at /etc/monitorix/monitorix.conf. The default settings work for most of the part but to fine-tune the settings you can read the official documentation from Monitorix Manual and edit the configuration file using any text editor of your choice.
To access the Monitorix interface enter the following URL in your browserâs address box.
https://<ip-address>:<port-address>/monitorix
Replace <ip-address> and <port-address> with your desired IP address and port address respectively.
To run monitorix interface on your own computer enter the following URL in your browser.
http://localhost:8080/monitorix
3. Darkstat
Darkstat is a web-based network analyzer interface that can be used to display statistics on network traffic, protocols, and general connection data. Darkstat can be installed in debian-based systems using the apt package manager by the following command.
$ sudo apt install darkstat
Darkstat has to be configured before the first time, the configuration file is present in /etc/darkstat/init.cfg. Edit the file using the following command.
$ nano /etc/darkstat/init.cfg
Initially the init.cfg file will be like this.
Replace your configuration file with the following code.
# Turn this to yes when you have configured the options below.
START_DARKSTAT=yes
# Donât forget to read the man page.
# You must set this option, else darkstat may not listen to
# the interface you want
INTERFACE=â-i ens33âł
DIR=â/var/lib/darkstatâ
PORT=â-p 666âł
BINDIP=â-b 0.0.0.0âł
#LOCAL=â-l 192.168.0.0/255.255.255.0âł
# File will be relative to $DIR:
DAYLOG=ââdaylog darkstat.logâ
# Donât reverse resolve IPs to host names
#DNS=ââno-dnsâ
#FILTER=ânot (src net 192.168.0 and dst net 192.168.0)â
# Additional command line Arguments:
# OPTIONS=ââsyslog âno-macsâ
The interface of your system can be found using the following command.
$ ip addr
Here the name of my interface in use is ens33, so alter the name of the network in the configuration file.
By default darkstat uses the port 666, so we have to open up the port before using it. Use the following commands to allow 666 port to bypass firewall configurations.
$ sudo ufw allow 666/tcp
To reload firewall
$ sudo ufw reload
To check whether darkstat is listening to port 666 execute the following command.
$ ss -antpl | grep 666
Start the darkstat services again to fetch the new configuration files. Use the following command to restart the services
Run the following command to check the status of darkstat
$ systemctl status darkstat
Once everything is up and running you have successfully configured darkstat, and can be accessed using the url http://localhost:666 in your browser.
How to Audit Network Performance, Security, and Troubleshooting in Linux
Network security auditing is the process of assessing a networkâs health by analyzing and studying the flow of data through the network. Network auditing is one of the critical steps to detect potential security threats and errors within the network. Security audits are either performed manually or are automated using various testing tools, they are crucial because they ensure whether the network is secure and void of any security vulnerabilities or loopholes that can be exploited by an attacker. A basic security audit may include.
- Analysis of all Network devices
- Analysis of the Network Infrastructure
- Identifying network policies
- Risk Assessment
- Firewall Assessment
- Penetration testing
- Report drafting
Network performance refers to the quality of the network, it is measured by Bandwidth, Throughput, Latency, and Jitter. They can be measured by using various network monitoring tools. Below mentioned are some tools that are used to monitor network performance. In this article, we will briefly discuss some basic auditing techniques.
Contact Us