Network Monitoring With ntop

ntop is a network traffic tools that shows network usage in a real time. One of the good things about this tool is that you can use a web browser to manage and navigate through ntop traffic information to better understand network status.

Also Ntop monitors and reports hosts traffic and supports these protocols:

  • TCP/UDP/ICMP
  • (R)ARP
  • IPX
  • DLC
  • Decnet
  • AppleTalk
  • Netbios
  • TCP/UDP

In this tutorial we'll install ntop 3.2 in CentOS 4.

 

Prerequisites

Ntop 3.2
LIBPCAP
GDBM

 

http://dag.wieers.com/rpm/packages/ntop
http://rpmfind.net/linux/RPM/fedora/4/i386/glib-1.2.10-16.i386.html 

 

Installation 

1- Installing G-LIB:

rpm -ivh  glib-1.2.10-16.i386.rpm

 

2- Installing ntop:

rpm -ivh ntop-3.2-1.el4.rf.i386.rpm

 

Running ntop

1- Initialize ntop:

ntop

That will initialize ntop and it will ask you to enter your username and password.

The default username: admin

Password: yourEnteredpassword

2- Start ntop service:

service ntop start

 

Log In To The Web Interface

ntop can be managed through a web interface. You can enter your server address in your web browser:

http://ServerIP:3000

https://ServerIP:3001 

Now you can monitor your hosts and manage your ntop configuration.

 

Screenshot

Ntop SC

Share this page:

Suggested articles

5 Comment(s)

Add comment

Comments

By: Anonymous
Reply  

Dear Team,

We facing the below error in ntop Please guide me.

[[email protected] ~]# ntop Fri Mar 25 15:58:55 2011 NOTE: Interface merge enabled by default Fri Mar 25 15:58:55 2011 Initializing gdbm databases Fri Mar 25 15:58:55 2011 **ERROR** ....open of /var/lib/ntop/prefsCache.db failed: Can't be writer Fri Mar 25 15:58:55 2011 Possible solution: please use '-P ' Fri Mar 25 15:58:55 2011 **FATAL_ERROR** GDBM open failed, ntop shutting down... Fri Mar 25 15:58:55 2011 CLEANUP[t3086498016]: ntop caught signal 2 [state=2] Fri Mar 25 15:58:55 2011 ntop is now quitting...

 

Thanks in advance

By: robinson.barbosa
Reply  

Hi, 

 Ntop : Erro encontrado:

 

**ERROR** ....open of /var/lib/ntop/prefsCache.db failed: Can't b

/

Solução:

1.       Passo matar serviço:   aragorn:/var/lib/ntop # ps -aux | grep ntop

Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html

ntop     16289  0.5  3.2 108028 33880 pts/1    Sl   18:08   0:00 /usr/bin/ntop -P /var/lib/ntop -i eth0 -u ntop -w 127.0.0.1:3000

root     16298  0.0  0.0   2316   704 pts/1    S+   18:09   0:00 grep ntop

aragorn:/var/lib/ntop # kill -9 16289

aragorn:/var/lib/ntop # ps -aux | grep ntop

 

2.       Passo inicar service com todas as interfaces de rede monitoradas ntop.

aragorn:/var/lib/ntop # ntop -i "eth0,eth1,eth2,br0,tap0" -d -L -u ntop -P /var/lib/ntop --skip-version-check --use-syslog=daemon

 

Where,

§  -i "eth0,eth1" : Specifies the network interface or interfaces to be used by ntop for network monitoring. Here you are monitoring eth0 and eth1.

§  -d : Run ntop as a daemon.

§  -L : Send all log messages to the system log (/var/log/messages) instead of screen.

§  -u ntop : Start ntop as ntop user

§  -P /usr/local/var/ntop : Specify where ntop stores database files. You may need to backup database as part of your disaster recovery program.

§  --skip-version-check : By default, ntop accesses a remote file to periodically check if the most current version is running. This option disables that check.

§  --use-syslog=daemon : Use syslog daemon.

By: Buggy Spam
Reply  

Similar problem:

Starting 'ntop' via terminal [using Linux Mint (15 Olivia)] shows
"Initializing gdbm databases
**ERROR** ....open of /var/lib/ntop/prefsCache.db failed: File open error
Possible solution: please use '-P <directory>'
**FATAL_ERROR** GDBM open failed, ntop shutting down...
CLEANUP[t140028804217024]: ntop caught signal 2 [state=2]
ntop is now quitting..."

What to do now? I don't understand a word!


  

By: Anonymous
Reply  

All I did to get rid of this error was:

 sudo mkdir /var/lib/ntop

 This creates a folder for ntop to put its db file.

 If you still get the error after this try:

 sudo touch /var/lib/ntop/prefsCache.dB

 This will create an empty file of that name.

 Elsewhere it has been suggested that this error can also be caused by ntop already running, but this wasn't the case for me.

By: Salam
Reply  

I followed your instructions and NTOP is up and running, however, I tried to search some guides or tutorials t start using it, I am alwyas redirected to ntop.org where details on ntopng, no trace for ntop, any idea? should we upgrade? if yes, how as nothing is mentioned on the web site ntop.org