How to monitor a server.

This may turn into something bigger and more extensive, or it may not.  For now at least, it's just a small collection of handy notes.

Running a webserver on Windows.

First of all, if you're running a webserver anywhere, it should probably be Apache.  There is a Windows version.  Then you probably want to get a dynamic DNS hostname (unless you have a static IP or hostname).  You can get one at DynDNS.org, and then you'll need a dyndns updater to keep your dyndns hostname (which is static) in sync with your computer's IP address (which is dynamic).  I wrote one in Perl, and you can find others at the DynDNS.org webpage in the clients section.  You should also probably install Perl (the Windows version is from ActiveState) because it's just so handy and powerful, and because you need it if you want to use my dyndns auto-updater.

So anyway, to monitor a webserver on Windows, there are 3 tools that I use primarily:

  • The Apache access log - there will be a link to this, on the Start Menu, once you install Apache.  Check this log to see who's accessed your server.

  • AnalogX's Netstat Live, which shows you how much data is currently flowing into and out of your computer.  So by watching the level of outgoing traffic, you can tell when someone is connected to your server.

  • The built-in netstat command.  Go to a command prompt and type netstat -p tcp and you'll see the connections currently open between your computer and any other computers.  If your webserver is running on the standard port, 80, then just look in the netstat output for lines ending in :80, and you'll see what external IP addresses are currently connected to your server.

Running a webserver on Linux.

On Linux, you'd still use Apache and Perl, and you could still use DynDNS.org and my auto-updater.  The netstat command is also available; the options I use on Linux are:

-t   to only show tcp connections
-a   to show both listening and active connections
-p   to show process names
-e   to be verbose
-v   to be verbose
So I end up with netstat -petva.  In addition to netstat, you have netwatch, which shows active connections, and also nmap, which can show you the ports that are currently open on your system (or any system).  There's also EtherApe, which shows network connections graphically.