Network monitoring tools

Degradation in network performance or other network problems can adversely affect the availability of your services. Network monitoring tools can alert you to problems early, so you can take corrective action to avoid or minimize downtime.

You can monitor network activity in the Network pane of the Activity Monitor app, located in the Utilities folder. You can also use the following command-line tools and third-party tools to monitor activity on your network.

tcpdump

To monitor network activity, use the tcpdump utility in OS X Server. This utility prints the headers of incoming and outgoing packets on a network interface that match specified parameters.

Using tcpdump to monitor network traffic is especially useful when trying to detect denial of service (DoS) attacks. For example, the following command monitors incoming traffic on port 80 on your computer:

sudo tcpdump -i en0 dst port 80

If you detect an unusual number of requests coming from the same source, use the firewall service to block traffic from that source.

For more information about tcpdump, see its man page.

Using tcpdump to monitor traffic can be time-consuming. Consider using Ruby, Perl, shell scripts, or AppleScript to automate the monitoring process.
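One way to automate the check described above, as an added Ruby example that is not part of the original documentation: it counts new connection attempts (SYN packets) per source and per minute in tcpdump's text output and lists sources at or above a threshold. The function names, the threshold, and the sample lines are assumptions made for illustration, and the parser assumes the `Flags [...]` line format that tcpdump 4.x prints when run with -n.

```ruby
# Added example: find sources sending an unusual number of connection attempts.
# Assumes lines produced by: sudo tcpdump -n -l -i en0 dst port 80
# (-n keeps addresses numeric, -l line-buffers output so it can be piped).

# Constructed sample input using documentation address ranges, not a real capture.
SAMPLE = <<~CAPTURE
  12:00:01.100000 IP 203.0.113.5.51001 > 192.0.2.10.80: Flags [S], seq 1, win 65535, length 0
  12:00:01.200000 IP 203.0.113.5.51002 > 192.0.2.10.80: Flags [S], seq 2, win 65535, length 0
  12:00:01.300000 IP 203.0.113.5.51003 > 192.0.2.10.80: Flags [S], seq 3, win 65535, length 0
  12:00:02.100000 IP 203.0.113.5.51004 > 192.0.2.10.80: Flags [S], seq 4, win 65535, length 0
  12:00:02.400000 IP 198.51.100.7.40000 > 192.0.2.10.80: Flags [S], seq 9, win 65535, length 0
  12:00:02.500000 IP 198.51.100.7.40000 > 192.0.2.10.80: Flags [.], ack 1, win 4096, length 0
  12:00:03.000000 IP6 2001:db8::7.40100 > 2001:db8::10.80: Flags [S], seq 5, win 65535, length 0
  12:01:00.000000 IP 203.0.113.5.51005 > 192.0.2.10.80: Flags [S], seq 6, win 65535, length 0
CAPTURE

# Captures: HH:MM bucket, source address, destination port, TCP flags.
LINE = /^(\d\d:\d\d):\d\d\.\d+ IP6? (\S+)\.\d+ > \S+\.(\d+): Flags \[([^\]]*)\]/

# Returns { [minute, source] => number of SYN-only packets sent to `port` }.
def syn_counts(lines, port: 80)
  counts = Hash.new(0)
  lines.each do |line|
    m = LINE.match(line) or next           # skip lines that are not TCP packets
    minute, src, dport, flags = m.captures
    next unless dport.to_i == port
    next unless flags == "S"               # SYN without ACK: a new connection attempt
    counts[[minute, src]] += 1
  end
  counts
end

# Returns { source => busiest per-minute count } for sources at or above threshold.
def noisy_sources(lines, threshold:, port: 80)
  worst = Hash.new(0)
  syn_counts(lines, port: port).each do |(_minute, src), n|
    worst[src] = n if n > worst[src]
  end
  worst.select { |_src, n| n >= threshold }
end

# For live traffic, pass $stdin.each_line instead of SAMPLE.each_line.
noisy_sources(SAMPLE.each_line, threshold: 4).each do |src, n|
  puts "#{src}: #{n} connection attempts to port 80 in one minute"
end
```

A threshold of 4 only suits the constructed sample; choose a value based on the normal per-minute rate seen on your own server.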

Third-party tools

Important: Mention of a third-party tool doesn’t constitute an endorsement. No warranty claim is implied.

There are many network monitoring tools that you can use with OS X Server.

For example, consider using Wireshark, an open source packet-sniffing tool that you can run in the X11 environment on OS X Server. Unlike tcpdump, this tool has a graphical user interface and a set of powerful network analysis tools.

For more information about Wireshark, see wiki.wireshark.org/.

You can use other third-party tools to automatically analyze network traffic and alert you to problems.