Q. How do I track my network usage (network usage monitoring) and protocol wise distribution of traffic under Debian Linux? How do I get a complete picture of network activity?
A. ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
ntop is a hybrid layer 2 / layer 3 network monitor, that is by default it uses the layer 2 Media Access Control (MAC) addresses AND the layer 3 tcp/ip addresses. ntop is capable of associating the two, so that ip and non-ip traffic (e.g. arp, rarp) are combined for a complete picture of network activity.
ntop is a network probe that showsIn interactive mode, it displays the network status on the user's terminal. In Web mode, it acts as a Web server, creating a HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, a HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.Network Load Statistics
How do I install ntop under Debian / Ubuntu Linux?
Type the following commands, enter:
$ sudo apt-get update
$ sudo apt-get install ntop
Reading package lists... Done Building dependency tree... Done Suggested packages: graphviz The following NEW packages will be installed: ntop 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0B/2859kB of archives. After unpacking 12.1MB of additional disk space will be used. Preconfiguring packages ... Selecting previously deselected package ntop. (Reading database ... 27301 files and directories currently installed.) Unpacking ntop (from .../ntop_3%3a3.2-8_amd64.deb) ... Setting up ntop (3.2-8) ... Starting network top daemon: Fri Jul 11 14:36:45 2008 NOTE: Interface merge enabled by default Fri Jul 11 14:36:45 2008 Initializing gdbm databases ntop
Set ntop admin user password
Type the following command to set password, enter:
# /usr/sbin/ntop -A
$ sudo /usr/sbin/ntop -A
Fri Jul 11 14:36:52 2008 NOTE: Interface merge enabled by default Fri Jul 11 14:36:52 2008 Initializing gdbm databases ntop startup - waiting for user response! Please enter the password for the admin user: [Type-yourPassord] Please enter the password again: [Type-yourPassord] Fri Jul 11 14:36:59 2008 Admin user password has been set
Restart ntop service
Type the following command, enter:
# /etc/init.d/ntop restart
Verify ntop is working, enter:
# netstat -tulpn | grep :3000
ntop by default use 3000 port to display network usage via webbrowser.
How do I view network usage stats?
Type the url:
Sample ntop reports
- man ntop
- ntop configuration files located at /etc/ntop/ directory
- ntop project
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop