Wireshark is the swiss army knife of network analysis tools. Whether you’re looking for peer-to-peer traffic on your network or just want to see what websites a specific IP address is accessing, Wireshark can work for you. We’ve previously given an introduction to Wireshark. and this post builds on our previous posts. Bear in mind that you must be capturing at a location on the network where you can see enough network traffic. If you do a capture on your local workstation, you’re likely to not see the majority of traffic on the network. Wireshark can do captures from a remote location — check out our Wireshark tricks post for more information on that. Identifying Peer-to-Peer Traffic Wireshark’s protocol column displays the protocol type of each packet. If you’re looking at a Wireshark capture, you might see BitTorrent or other peer-to-peer traffic lurking in it. You can see just what protocols are being used on your network from the Protocol Hierarchy tool, located under the Statistics menu. This window shows a breakdown of network usage by protocol. From here, we can see that nearly 5% of packets on the network are BitTorrent packets. That doesn’t sound like much, but BitTorrent also uses UDP packets. The nearly 25% of packets classified as UDP Data packets are also BitTorrent traffic here. We can view only the BitTorrent packets by right-clicking the protocol and applying it as a filter. You can do the same for other types of peer-to-peer traffic that may be present, such as Gnutella, eDonkey, or Soulseek. Using the Apply Filter option applies the filter “bittorrent“. You can skip the right-click menu and view a protocol’s traffic by typing its name directly into the Filter box. From the filtered traffic, we can see that the local IP address of 192.168.1.64 is using BitTorrent. To view all the IP addresses using BitTorrent, we can select Endpoints in the Statistics menu. Click over to the IPv4 tab and enable the “Limit to display filter” check box. You’ll see both the remote and local IP addresses associated with the BitTorrent traffic. The local IP addresses should appear at the top of the list. If you want to see the different types of protocols Wireshark supports and their filter names, select Enabled Protocols under the Analyze menu. You can start typing a protocol to search for it in the Enabled Protocols window. Monitoring Website Access Now that we know how to break traffic down by protocol, we can type “http” into the Filter box to see only HTTP traffic. With the “Enable network name resolution” option checked, we’ll see the names of the websites being accessed on the network. Once again, we can use the Endpoints option in the Statistics menu. Click over to the IPv4 tab and enable the “Limit to display filter” check box again. You should also ensure that the “Name resolution” check box is enabled or you’ll only see IP addresses. From here we, can see the websites being accessed. Advertising networks and third-party websites that host scripts used on other websites will also appear in the list. If we want to break this down by a specific IP address to see what a single IP address is browsing, we can do that too. Use the combined filter http and ip.addr == [IP address] to see HTTP traffic associated with a specific IP address. Open the Endpoints dialog again and you’ll see a list of websites being accessed by that specific IP address. This is all just scratching the surface of what you can do with Wireshark. You could build much more advanced filters, or even use the Firewall ACL Rules tool from our Wireshark tricks post to easily block the types of traffic you’ll find here.

Ubuntu One lets you easily synchronize files and folders, but it isn’t clear how to sync configuration files. Using Ubuntu One’s folder synchronization options or some symbolic links, you can synchronize configuration files across all your computers.

The same method should work with other cloud storage synchronization programs, including Dropbox. It also creates an online backup of your important files, so it’s useful even if you don’t have multiple Ubuntu systems.

Ubuntu One Setup

If you haven’t set up Ubuntu One yet, you’ll have to set it up before synchronizing files. Click the mail icon on the panel and select “Ubuntu One.”

Click the “Join Now” button and create an account.

On your other computers, click the “I already have an account!” link and sign in with your existing account.

After you do this, you’ll get a “Ubuntu One” folder in your home folder. All files in this folder are automatically synchronized between your computers.

Synchronizing Configuration Folders

Configuration folders are hidden by default, so you’ll have to click the View menu in the file manager and select “Show Hidden Files” to see them.

Once you have, you’ll see your configuration files. Each begins with a . — this is how files and folders are hidden on Linux.

Right-click the folder you want to synchronize, point to the Ubuntu One submenu and click “Synchronize This Folder.”

A green check mark appears on each folder you’re synchronizing.

From the Ubuntu One window, you can view all your synchronized folders.

Before the folder will synchronize, you’ll have to open the Ubuntu One configuration window on your other computers.

You must enable the “Sync locally?” check box on each other computer.

Ubuntu One will keep the configuration folder in sync across all your computers.

Of course, you can use this method to synchronize any folder.

Synchronizing Individual Files

Ubuntu One won’t let you synchronize a single file from the right-click menu. If you try, you’ll see all the options grayed out.

To synchronize a specific configuration file, you’ll have to move it to your Ubuntu One folder. You can do this with the cut and paste option from the file manager or with the mvcommand in the terminal.

Here, we’ve moved our .bashrc file to the Ubuntu One folder. It no longer exists in our home folder.

We can use the ln -s command to create a symbolic link from the file in the Ubuntu One directory to the file’s original location. For our .bashrc example, we’d use the following command:

ln -s /home/howtogeek/Ubuntu\ One/.bashrc /home/howtogeek

In other words, the syntax is:

ln -s /path/to/file /original/location

Note that you can’t create a symlink and place it in the Ubuntu One directory. Ubuntu One ignores symlinks.

If you check your home folder after this, you’ll see that there’s now a symbolic link to the file in the Ubuntu One folder.

On your other computers, you’ll have to delete the original configuration file and run the same command to create the appropriate symlink.

You can use this method to synchronize any file at any location. Most of the time it will make more sense to copy the file to the Ubuntu One folder, though.