Who is pinging my Linux server

In this article i will show how to know monitor who is pinging my server with tcpdump Linux utility.

tcpdump packet analyzer. In our case it will help us figure out the IP address where the ICMP requests come from.

If you dont have installed tcpdump on your server please read Install tcpdump paragraph at the end of this article.

To monitor incoming ICMP echo requests type an run:

# tcpdump -i eth0 icmp and icmp[icmptype]=icmp-echo

where eth0 is the name of the Ethernet adapter (in your case it can be other eth1, eth2.. ). If you don’t need resolve source hostname, you can add option -n and get source IP address. For example:

# tcpdump -n -i ens32 icmp and icmp[icmptype]=icmp-echo

Example output who ping my server:

IP address where the requests come from

As you see on example incoming ping (ICMP) requests coming from 10.110.9.26

Install tcpdump

Install tcpdump in Ubuntu/Debian

To install tcpdump in Ubunty run this command:

$ sudo apt-get install tcpdump
Install tcpdump in RedHat/CentOS
# yum install tcpdump

   

If you like what you are reading, please:

Buy me a coffeeBuy me a coffee

arstech

Leave a Reply