Q. How do I track my network usage (network usage monitoring) and protocol wise distribution of traffic under Debian Linux? How do I get a complete picture of network activity?
A. ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
ntop is a hybrid layer 2 / layer 3 network monitor, that is by default it uses the layer 2 Media Access Control (MAC) addresses AND the layer 3 tcp/ip addresses. ntop is capable of associating the two, so that ip and non-ip traffic (e.g. arp, rarp) are combined for a complete picture of network activity.
ntop is a network probe that showsIn interactive mode, it displays the network status on the user’s terminal. In Web mode, it acts as a Web server, creating a HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, a HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.Network Load Statistics
How do I install ntop under Debian / Ubuntu Linux?
Type the following commands, enter:
$ sudo apt-get update
$ sudo apt-get install ntop
Reading package lists... Done Building dependency tree... Done Suggested packages: graphviz The following NEW packages will be installed: ntop 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0B/2859kB of archives. After unpacking 12.1MB of additional disk space will be used. Preconfiguring packages ... Selecting previously deselected package ntop. (Reading database ... 27301 files and directories currently installed.) Unpacking ntop (from .../ntop_3%3a3.2-8_amd64.deb) ... Setting up ntop (3.2-8) ... Starting network top daemon: Fri Jul 11 14:36:45 2008 NOTE: Interface merge enabled by default Fri Jul 11 14:36:45 2008 Initializing gdbm databases ntop
Set ntop admin user password
Type the following command to set password, enter:
# /usr/sbin/ntop -A
$ sudo /usr/sbin/ntop -A
Fri Jul 11 14:36:52 2008 NOTE: Interface merge enabled by default Fri Jul 11 14:36:52 2008 Initializing gdbm databases ntop startup - waiting for user response! Please enter the password for the admin user: [Type-yourPassord] Please enter the password again: [Type-yourPassord] Fri Jul 11 14:36:59 2008 Admin user password has been set
Restart ntop service
Type the following command, enter:
# /etc/init.d/ntop restart
Verify ntop is working, enter:
# netstat -tulpn | grep :3000
ntop by default use 3000 port to display network usage via webbrowser.
How do I view network usage stats?
Type the url:
Sample ntop reports
- man ntop
- ntop configuration files located at /etc/ntop/ directory
- ntop project
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
|Category||List of Unix and Linux commands|
|Firewall||Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04|
|Network Utilities||dig • host • ip • nmap|
|OpenVPN||CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04|
|Package Manager||apk • apt|
|Processes Management||bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time|
|Searching||grep • whereis • which|
|User Information||groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w|
|WireGuard VPN||Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04|