Monday, March 31, 2014

Install And Configure Linux Socket Monitor (LSM)

Linux Socket Monitor (LSM) is a monitoring tool which tracks changes to ports and sockets (both network and inter-process (IPC) ones used between applications on the same machine) by comparing snapshots it takes - either automatically (upon installation) or by your direction.


The latest version of LSM is located on its developer's website located at:

In order to download the tape archive (tar, tarball), run the following:

This will download the archive to the current folder you have.

Let's extract the contents from the tarball:

tar -xvfz lsm-current.tar.gz
We are now ready to install LSM by running its installation script.

Enter the directory and run the installation:

$ cd lsm-0.6
$ ./

On Completion we get a out put like.
.: LSM installed
Install path: /usr/local/lsm
Config path: /usr/local/lsm/conf.lsm
Executable path: /usr/local/sbin/lsm
LSM version 0.6 <>
Copyright (C) 2004, R-fx Networks
2004, Ryan MacDonald
This program may be freely redistributed under the terms of the GNU GPL

generated base comparison files

Open up the LSM configuration file using nano text editor:
 nano /usr/local/lsm/conf.lsm

Here you will see a relatively long list of values which are used by LSM to operate. The one that we need to modify is the third one on the list: USER="root" which is after the commented out sections located on top.

Using your arrow keys, go down to that line and replace root with your email address.


At any given moment, you can delete or recreate the comparison files via two simple commands:

Delete snapshots (camparison files): /usr/local/sbin/lsm -d
Manually run a comparison test: /usr/local/sbin/lsm -c

And to recreate the snapshots:

Generate base comparison files: /usr/local/sbin/lsm -g


No comments:

Post a Comment