ntop is a free opensource network traffic probe that shows the network usage. ntop is based on libpcap and can run on Linux/Unix and Windows operating system. ntop provides a very easy to use a web access to navigate through ntop traffic information and get a dump of the network status.
ntop shows the current network usage and displays list of hosts currently on the network and report IP and Fibre Channel (FC) traffic generated by the host. ntop supports TCP/UDP (HTTP/FTP,DNS,Telnet,SMTP etc),ICMP, ARP & RARP,IP/IPX,DLC, Decnet, Apple Talk, Netbios, FC (Control Traffic – SW2, GS3,ELS & SCSI)
Install ntop on openSUSE
To install ntop on openSUSE, click on one of the following 1-click installers based on the version of openSUSE operating system.
openSUSE 11.1
openSUSE 11.0
openSUSE 10.3
This should launch YaST package manager and add requried repositories, install the required package and dependencies for ntop. Accept the defaults and follow the onscreen instructions to complete the installation. Once the installation is successfully completed, ntop will be installed under /usr/bin/
saihari:~ #which ntop
/usr/bin/ntop
When you run ntop (as a root user) for the first time, run ntop from a terminal window, this should initialize ntop and will let you set the password for the default ntop admin user (admin). Enter the password twice. By default the web interface is accessible from
http://localhost:3000
or
http://<ipaddress>:3000
Login with the user “admin” and password you just set.
Later on, you can start/stop/restart ntop as follows:
saihari:~ # rcntop start
Starting service ntop done
saihari:~ # rcntop stop
Stopping service ntop done
Quick Start with ntop
As soon as you logon to the web interface, everything becomes fairly straight forward as most if not all data shown in simple host/IP or protocol based tables and/or with nice grpahs, piecharts or graphs generated using the RRD Tools.
For instance,
If you would want to generate nice RRD Tools based graphs then it is important that RRD Tool (should be installed by default in openSUSE) and its RRD Tool devel packages, else ntop will report the following error at startup and disable the RRD Plugin which means no RRD based graphs.
**ERROR** RRD: Disabled – unable to create base directory (err 13, /usr/local/var/ntop/rrd)
To install RRD Tool and its devel package quickly from a terminal window,
saihari:~ # yast2 -i rrdtool rrdtool-devel
The plugin architecture makes it easy to allow enhanced features like
netFlow/sFlow support where ntop can be configured to be a flow probe or a collector
Last time packet seen for hosts
ICMP traffic data
Simply, click on the plugin (Yes/No) link to toggle between enable & disable from the Plugins menu.
You can also dump traffic data from ntop web interface
ntop has always been and will be so for long as a must have opensource tool for any network or system admin in any sized network or even on your home network. Click here to visit the project homepage.
ntop is a great tool, but NOT for long term use or forensics; say that you dump your data in a daily basis to a file *bin. Besides ntop reads from such file, it DOESNOT generate graphics from such file, say that ‘rdd not enabled’ (which is not true). Reading realtime shows adequate graphics for network trhougput.
any hint/tip on HOW to get ntop building graphics from tcpdump.bin files?
if i type #which ntop the result is same as you shown. but how to start ntop for the first time in a terminal… the problem is if type #cd /usr/bin/ntop the result is “no such directory”… how to start ntop in terminal for the first time?
Hello, First of all, what a informative article! i am just doing a bit of research for my website but i had issues reading this article because the text sticking out in to the menu…. Edit: apologies, my fault, it is my outdated version of opera causing the fault. Might be worth asking people to update. Thanks. plumbob