Install ntop on Red Hat Enterprise Linux / CentOS Linux / Debian

ntop is a network probe that shows network usage in a way similar to what top does for processes,
dnstop for dns, ptop for postgresql, iotop, atop …

In interactive mode, it displays the network status on the user’s terminal. In Web mode, it acts as a web server, creating a HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, a HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.

ntop is available for both Unix and Win32-based platforms. It has been developed by Luca Deri, an Italian research scientist and network manager at University of Pisa.

On Redhat or Centos:
For installing ntop on Red Hat or Centos, please follow these instructions:

Packages needed :
– libpcap: system interface for user-level packet capture
– libpcap-devel: development library for libpcap
– rrdtool: Time-series data storage and display system (programs)
– rrdtool-devel: Time-series data storage and display system (development)
– perl-rrdtool: Time-series data storage and display system (perl interface)
– graphviz: Graph Visualization Software

First install libpcap, and libpcap-devel using yum
$ sudo yum install libpcap-devel libpcap

The rrdtool, ntop and graphviz packages you can get them like this:


$ wget ftp://rpmfind.net/linux/dag/redhat/el5/en/i386/dag/RPMS/rrdtool-devel-1.2.30-1.el5.rf.i386.rpm
$ wget ftp://rpmfind.net/linux/dag/redhat/el5/en/i386/dag/RPMS/rrdtool-1.2.30-1.el5.rf.i386.rpm
$ wget ftp://rpmfind.net/linux/dag/redhat/el5/en/i386/dag/RPMS/perl-rrdtool-1.2.30-1.el5.rf.i386.rpm
$ wget http://dag.wieers.com/rpm/packages/ntop/ntop-3.3-1.el5.rf.i386.rpm

$ wget http://www.graphviz.org/graphviz-rhel.repo
$ sudo cp graphviz-rhel.repo /etc/yum.repos.d/
$ sudo yum update
$ sudo yum install graphviz

Installing perl-rrdtool, rrdtool, rrdtool-devel and ntop with rpm package manager :
$ sudo rpm -ivh perl-rrdtool-1.2.30-1.el5.rf.i386.rpm rrdtool-1.2.30-1.el5.rf.i386.rpm rrdtool-devel-1.2.30-1.el5.rf.i386.rpm ntop-3.3-1.el5.rf.i386.rpm

Type the following command to set ntop admin password, enter:
$ ntop -A
Sat Jul 4 14:31:49 2009 NOTE: Interface merge enabled by default
Sat Jul 4 14:31:49 2009 Initializing gdbm databases
ntop startup – waiting for user response!
Please enter the password for the admin user:
Please enter the password again:
Sat Jul 4 14:32:24 2009 Admin user password has been set

The following command start ntop:
$ sudo /usr/bin/ntop -d -L -u ntop -P /var/ntop –skip-version-check –use-syslog=daemon -d

If you have many interfaces you can specify them like this :
$ /usr/bin/ntop -i “eth0,eth1” -d -L -u ntop -P /var/ntop –skip-version-check –use-syslog=daemon -d

Well we need to run ntop as services, please refer to /etc/ntop.conf:
$ sudo vim /etc/ntop.conf
–user ntop
–db-file-path /var/ntop
–interface eth0,eth1
–use-syslog
–http-server 3000
–https-server 3001
–local-subnets 192.168.1.0/20
–domain mydomain.org
–daemon

At last start your ntop service:
$ sudo service ntop start

By default ntop listen on 3000 port. You can view ntop stats by visiting following url:
http://server:3000/ or https://server:3001/
as defined in the ntop.conf.

On Debian:
The ntop package is present in the Debian repository, so you can get simply by:
$ aptitude install ntop

Personalize your ntop config file. After, you can start the service :
$ sudo invoke-rc.d ntop start

Install ntop on Red Hat Enterprise Linux / CentOS Linux / Debian

3 thoughts on “Install ntop on Red Hat Enterprise Linux / CentOS Linux / Debian

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s