This brief tutorial shows students and new users how to install and configure ntopng (ntop), the next generation of the original ntop utility in Linux systems, including Ubuntu.
The original ntop tool provides network traffic probe that monitors network usage. ntopng is the based on that, but also provides intuitive, encrypted web user interface of realtime and historical traffic information.
For those who don’t know about ntop, it’s an open source utility for monitoring Linux systems, including Ubuntu. Ntop does not provide a user friendly user web interface, but you use it to monitor CPU, Memory & Disk Usage and services from the command line terminal.
For new users and students, this might be challenging. ntopng makes it easy for students and new users to monitor and explore network usage from an intuitive web interface.
ntopng comes in three versions, Community, Professional (Small Business Edition) and Enterprise. The Community version is free to use and opensource (code can be found on Github).
For more about ntopng, please visit its homepage.
Below are some highlights of ntopng:
- Sort network traffic according to many criteria including IP address, port, L7 protocol, throughput, Autonomous Systems (ASs)
- Show realtime network traffic and active hosts
- Produce long-term reports for several network metrics including throughput and application protocols
- Top talkers (senders/receivers), top ASs, top L7 applications
- Monitor and report live throughput, network and application latencies, Round Trip Time (RTT), TCP statistics (retransmissions, out of order packets, packet lost), and bytes and packets transmitted
- Store on disk persistent traffic statistics to allow future explorations and post-mortem analyses
- Geolocate and overlay hosts in a geographical map
- Discover application protocols (Facebook, YouTube, BitTorrent, etc) by leveraging on nDPI, ntop Deep Packet Inspection (DPI) technology
To install, follow the steps below:
Step 1: Install ntopng (ntop) Repository
ntopng has its repository that can downloaded and installed easily on Ubuntu systems. To do that, run the command below:
cd /tmp wget http://apt.ntop.org/18.04/all/apt-ntop.deb sudo dpkg -i apt-ntop.deb
After installing its repository above, run the commands below to install ntopng and related dependencies.
sudo apt update sudo apt install pfring-dkms nprobe ntopng n2disk cento
When ntopng is installed, you may then go to its configuration file and make the below changes. ntopng default configuration file located at /etc/ntopng/ntopng.conf:
sudo nano /etc/ntopng/ntopng.conf
Make the highlighted changes and save the file. This tells ntopng to listen for traffic on port # 3000
# -G=/var/run/ntopng.pid # # -e|--daemon # This parameter causes ntop to become a daemon, i.e. a task which runs in the background .. # -e= # # -i|--interface # Specifies the network interface or collector endpoint to be used by ntopng for network ... # # -i=eth1 # -i=eth2 # # -w|--http-port # Sets the HTTP port of the embedded web server. # -w=3000 #
After saving the exiting the file, run the commands below to edit the file and specify the local network to monitor.
sudo nano /etc/ntopng/ntopng.start
Add the following lines as per your network layout.
--local-networks "10.0.2.6/24" --interface 1
Save and close the file, then restart ntopng and enable it to start on boot time:
sudo systemctl start ntopng sudo systemctl enable ntopng
Step 2: Logon to Web Interface
After that, logon to the web interface by typing the server IP address or hostname followed by port #3000
You should see ntopng logon page.
The default login credentials:
After logging in you should begin setting up your environment.
From its dashboard you can view information about systems and networks.
Congratulations! You have leaned how to install and use ntopng system optimizer and monitoring
You may also like the post below: