ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user’s terminal. In Web mode, it acts as a web server, creating a HTML dump of the network status. It is useful to monitor the network usage of server so that no bandwidth is over utilized.
Install required dependencies required to install ntop.
# yum install gcc gcc-c++ make libpcap libpcap-devel gdbm-devel libgd-devel libpng-devel libtool libtool-libs rrdtool rrdtool-devel -y
Download ntop from sourceforge & extract it.
# cd /usr/local/src/
# wget wget http://downloads.sourceforge.net/project/ntop/ntop/ntop-4.0.1/ntop-4.0.1.tar.gz
# tar -zxvf ntop-4.0.1.tar.gz
# cd ntop-4.0.1
Let’s compile it now.
# make && make install
When compiling it, you might also receive the message “Please install GeoIP (http://www.maxmind.com/)“. This means GeoIP is not installed on your server. Install it from here
Start configure ntop so that statistics can be viewed/managed from your web browser. Add a user ntop and configure the password. You can then set the password so that nobody else configure it except the one who has login credentials. The default user created is admin.
# useradd -M -s /sbin/nologin -r ntop
# ./ntop -A
Copy the configuration files at desired location and assign correct ownership.
# rsync -va /usr/local/src/ntop-4.0.1/* /usr/local/var/ntop/
# chown ntop:root /usr/local/var/ntop -R
Start service with command below.
# /usr/local/bin/ntop -d -L -u ntop -P /usr/local/var/ntop –skip-version-check –use-syslog=daemon
You can access ntop using a web browser on port 3000. Example is http://10.10.10.1:3000. Here 10.10.10.1 is your server’s public IP address.