Use NTOP in RHEL5 to monitor network traffic

Source: Internet
Author: User
Tags rrdtool

NTOP is a flexible, full-featured tool for monitoring a LAN and troubleshooting network problems. It provides both a command-line and a web interface, and can also be used as an embedded web service. This article describes how to build an NTOP monitoring system on RHEL5.

1. Install the software packages required by the NTOP monitoring system

(1) The NTOP package depends on libpcap, libpcap-devel, libpng, gdbm, gd and other packages. First check whether these packages are installed on your RHEL5 system:

[root@linux5234 ~]# rpm -qa | grep libpcap
[root@linux5234 ~]# rpm -qa | grep libpcap-devel
[root@linux5234 ~]# rpm -qa | grep libpng
[root@linux5234 ~]# rpm -qa | grep gdbm
[root@linux5234 ~]# rpm -qa | grep gd

If any of the above packages is not installed, mount the RHEL5 CD and install the corresponding RPM package.

(2) Install the rrdtool drawing tool package (rrdtool-1.2.27.tar.gz):

[root@linux5234 ~]# tar zxf rrdtool-1.2.27.tar.gz
[root@linux5234 ~]# cd rrdtool-1.2.27
[root@linux5234 ~]# ./configure --prefix=/usr/local
[root@linux5234 ~]# make && make install

(3) Compile and install the ntop software package (ntop-3.3.7.tar.gz):

[root@linux5234 ~]# tar zxf ntop-3.3.7.tar.gz
[root@linux5234 ~]# cd ntop-3.3.7
[root@linux5234 ntop-3.3.7]# ./autogen.sh --with-tcpwrap
[root@linux5234 ntop-3.3.7]# make && make install

The --with-tcpwrap configuration option adds support for TCP Wrappers access control.

2. Configure the NTOP monitoring system

(1) Set the NTOP data storage directory. By default, NTOP runs as the low-privilege user nobody. To let ntop read and write its data, adjust the ownership of the default storage directory /usr/local/var/ntop:

[root@linux5234 ~]# chown -R nobody /usr/local/var/ntop

(2) Set the password for the NTOP administrator. The default administrator account for NTOP is admin, and for security you need to set a password for it. In addition, when modifying the NTOP settings or shutting down the NTOP service through the web page, you must authenticate with the administrator user name and password:

[root@linux5234 ~]# ntop -
Tue Oct 19 10:05:15 2010 NOTE: Interface merge enabled by default
Tue Oct 19 10:05:15 2010 Initializing gdbm databases
Ntop startup-waiting for user response!
Please enter the password for the admin user: // enter the password
Please enter the password again: // enter the password again
Tue Oct 19 10:05:43 2010 Admin user password has been set

(3) Set the TCP Wrappers permissions. Because ntop was compiled with the --with-tcpwrap option, TCP Wrappers policy can be used to control access to ntop:

[root@linux5234 ~]# echo 'ntop: 192.168.0.88' > /etc/hosts.allow    # only allow the host 192.168.0.88 to access the ntop service
[root@linux5234 ~]# echo 'ntop: ALL' > /etc/hosts.deny    # deny all other hosts

(4) Run the ntop service:

[root@linux5234 ~]# ntop -d -i eth0

This runs the NTOP service as a daemon (-d) and monitors the traffic on the eth0 NIC. If there are multiple NICs connected to different LAN segments, run:

[root@linux5234 ~]# ntop -d -i eth0,eth1 -M

In addition, the options of the ntop program can be written into a configuration file (one option per line), and the service can then be started in the form "ntop @configuration-file". The following are common ntop program options:

Option                        Description
-c / --sticky-hosts           Keep records of inactive hosts
-P / --db-file-path           Specify a new data storage path
-u / --user                   User identity the program runs as
-b / --disable-decoders       Disable protocol decoders
-n / --numeric-ip-address     Use numeric host addresses (no DNS resolution)
-w / --http-server            Port to listen on for HTTP access (default 3000)
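
The TCP Wrappers rules set above can be checked before the web interface on port 3000 is put into use. The following is an added example, not part of the original article: a simplified shell evaluator for hosts.allow and hosts.deny that reports which clients the ntop rules admit. It is not the real libwrap matcher; the function names, the temporary files and the second client address 192.168.0.99 are constructed for illustration.

```shell
#!/bin/sh
# Added example: simplified TCP Wrappers evaluation (not the real libwrap).
# Supported client patterns: ALL, exact address, dotted prefix ("192.168.0.").

# list_has LIST ITEM: succeed if ITEM matches a pattern in a comma/space list.
# Runs in a subshell so that "set -f" (no globbing) does not leak out.
list_has() (
    set -f
    for pat in $(printf '%s' "$1" | tr ',' ' '); do
        case $pat in
            ALL|all) exit 0 ;;
            *.) case $2 in "$pat"*) exit 0 ;; esac ;;
            *)  [ "$pat" = "$2" ] && exit 0 ;;
        esac
    done
    exit 1
)

# rule_matches FILE DAEMON CLIENT: succeed if any "daemons: clients" line matches.
rule_matches() {
    [ -r "$1" ] || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                         # drop comments
        case $line in *:*) ;; *) continue ;; esac
        rest=${line#*:}
        if list_has "${line%%:*}" "$2" && list_has "${rest%%:*}" "$3"; then
            return 0
        fi
    done < "$1"
    return 1
}

# tcpwrap_verdict DAEMON CLIENT ALLOW_FILE DENY_FILE: print "allow" or "deny".
# Order used by TCP Wrappers: hosts.allow first, then hosts.deny, else allow.
tcpwrap_verdict() {
    if rule_matches "$3" "$1" "$2"; then echo allow
    elif rule_matches "$4" "$1" "$2"; then echo deny
    else echo allow
    fi
}

# Constructed sample policy: the two rules from the article, in a temp directory.
demo_dir=$(mktemp -d)
printf 'ntop: 192.168.0.88\n' > "$demo_dir/hosts.allow"
printf 'ntop: ALL\n' > "$demo_dir/hosts.deny"
: > "$demo_dir/empty"                            # stands in for a missing deny rule
for ip in 192.168.0.88 192.168.0.99; do
    echo "$ip: $(tcpwrap_verdict ntop "$ip" "$demo_dir/hosts.allow" "$demo_dir/hosts.deny")"
done
```

Passing "$demo_dir/empty" as the deny file shows why the hosts.deny entry matters: TCP Wrappers grants access when no rule matches, so without it every client is allowed.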

3. Use NTOP to monitor network traffic

(1) Enter "http://192.168.0.66:3000" in the browser to access the NTOP server.

(2) View the total network throughput of each host in the LAN: on the NTOP page that appears, move the cursor to "All Protocols" at the top of the page and click "Throughput" in the drop-down menu.

(3) View the bandwidth usage of each host by time period: on the NTOP web interface, move the cursor to "All Protocols" at the top of the page and click "Activity" in the drop-down menu.

(4) View the traffic statistics of each host by application-layer protocol: on the NTOP web page, move the cursor to "IP" at the top of the page and click "Summary" and then "Traffic" in the drop-down menu.

(5) Shut down NTOP: on the NTOP web interface, move the cursor to "Admin" at the top of the page and click "Shutdown" in the drop-down menu. In the dialog box that appears, enter the administrator user name and password.

This article is from the "Do not go, come to chase" blog; please be sure to keep this source: http://netslyz.blog.51cto.com/1006247/407510
