+5 votes
946 views
Install ntopng on Ubuntu 18.04 to monitor network traffic

in Linux / Unix by (552k points)
reopened | 946 views

1 Answer

+3 votes
Best answer

1. How to install ntopng on Ubuntu 18.04 Linux
2. How to configure ntopng on Ubuntu 18.04 Linux
3. How to access ntopng on Ubuntu 18.04 Linux

Among the different administrative tasks that we must carry out in Linux systems, one of the most outstanding is the monitoring of network traffic ; since through it we can transfer much more comprehensive and complete processes , roles and other parameters of the server and a traffic that is being affected will have a negative impact on the entire infrastructure created..

Although there are several tools developed for network monitoring, TechnoWikis will talk about one in particular whose mission is to offer the best network monitoring services such as ntopng.

What is ntopng?
Ntopng has been developed as a utility focused on analyzing network traffic through constant monitoring of network usage. The ntopng utility is based on libpcap and a portable design has been written to be executed on all Unix, macOS and Windows platforms.

Its web interface offers a simple and encrypted solution to access traffic information both historically and in real time..

Ntopng features
Among its most outstanding features are:
  • It will be possible to monitor and obtain real-time performance reports, network and application latencies, round-trip time (RTT), TCP statistics with details of retransmissions, obsolete packets or packet loss, and bytes and packets transmitted .
  • It will be possible to classify network traffic using various criteria such as IP address, port, L7 protocol, performance, autonomous systems (AS) and many more.
  • It displays the real-time network traffic and active hosts of that network.
  • Support for MySQL, ElasticSearch and LogStash to carry out export tasks of the monitored data.
  • SNMP v1 / v2c support and continuous monitoring of SNMP devices.
  • It allows you to identify HTTP traffic using the characterization services provided by Google and HTTP Blacklist.
  • Full support for IPv4 and IPv6.
  • Supports Full Layer-2.
  • Stores persistent traffic statistics on disk to facilitate future exploration and access to hosted data.
  • It generates several network metrics, including performance and application protocols.
  • You can geolocate and superimpose hosts on a geographic map.
  • It will be possible to analyze IP traffic and route it according to the source or destination.
  • Supports creating network traffic statistics in HTML5 / AJAX formats.
  • It has an alert engine to capture anomalous and suspicious hosts thus increasing security.

1. How to install ntopng on Ubuntu 18.04 Linux

Step 1

By default, ntopng is not available in the default Ubuntu 18.04 repository. For this reason it will be necessary to install the ntopng repository which can be downloaded and installed with the following command:
 sudo wget http://apt.ntop.org/18.04/all/apt-ntop.deb 
image
Step 2

We proceed to its decompression:
 sudo dpkg -i apt-ntop.deb 
image
Step 3

As soon as the repository is installed, we will update the repository and install ntopng using the following command:
 sudo apt-get update -y sudo apt-get install pfring-dkms nprobe ntopng n2disk cento -y 
image

2. How to configure ntopng on Ubuntu 18.04 Linux


After installing ntopng, we will modify the default configuration file of the utility which is located in the /etc/ntopng/ntopng.conf directory:
 sudo nano /etc/ntopng/ntopng.conf 
In the open file we will locate the following section:
 -G = / var / run / ntopng.pid 
In it we define the following:
 ## Specifies the network interface or collector endpoint to be used by ntopng for network monitoring. -i = enp0s3 ## Sets the HTTP port of the embedded web server. -w = 3000 
Note
In the field -i enp0s3 we must enter the name of the current network adapter of each server.

We save the changes using the key combination:

+ O Ctrl + O

We leave the editor using:

+ X Ctrl + X

image
Step 2

Now, let's create an ntopng.start file:
 sudo nano /etc/ntopng/ntopng.start 
In it, we will paste the following:
 --local-networks "192.168.0.0/24” (Enter the range of IP addresses to be monitored) --interface 1 
image

Again we save the changes using the keys:

+ O Ctrl + O

We leave the editor using:

+ X Ctrl + X

We restart the service and enable it to start from the beginning with the following commands:

 sudo systemctl start ntopng sudo systemctl enable ntopng 
image

3. How to access ntopng on Ubuntu 18.04 Linux


Step 1

Now, we will go to a browser and execute the following syntax in the URL bar:
 http: // Server_IP: 3000 

image

Step 2

There we will enter amine both as username and password, pressing "Login" requires the change of password. Click on "Change Password" to apply the changes.

image

Step 3

This will be the initial ntopng environment: image

First, we can see details such as:

  • Server Details
  • Real time traffic.
  • Network interface traffic.
  • View for days, weeks, etc.
As soon as we start using the network, we can see its use in action: image
Step 3

Now, we have some menus such as:
Flows
This menu allows us to access a protocol view where we will see activation details, server, bytes used, general information and more: image
Host
From this menu it will be possible to access detailed information of the equipment in the network, MAC addresses, networks, HTTP servers, events, etc: image

When selecting any of these options we will see specific details:

image
Interfaces
In this menu we find the various network interfaces configured.
We have a "configuration" menu (gear icon) from where it will be possible to configure language (English, Italian to German), preferences, users, etc: image

In one of the display options we can click on the graphics to access much more detailed content:

image

In this way, ntopng is an integral solution for the complete monitoring of network traffic.


by (3.5m points)
edited

Related questions

+3 votes
1 answer
+4 votes
1 answer
asked Oct 14, 2019 in Linux / Unix by backtothefuture (552k points) | 259 views
+5 votes
1 answer
asked Oct 15, 2019 in Linux / Unix by backtothefuture (552k points) | 228 views
+5 votes
1 answer
asked Oct 15, 2019 in Linux / Unix by backtothefuture (552k points) | 283 views
+5 votes
1 answer
asked Oct 15, 2019 in Linux / Unix by backtothefuture (552k points) | 351 views
Sponsored articles cost $40 per post. You can contact us via Feedback

Most popular questions within the last 30 days

10,659 questions
10,791 answers
510 comments
3 users