12/21/2023 0 Comments Ntopng ubuntu 14View network traffic statistics via ntop at View network traffic statistics via darkstat at Access the other programs via ssh. Restart networking on the Network Monitoring Bridge sudo /etc/init.d/networking restart.Plug free end of the patch cable to the computer that will be monitored.Unplug the network cable from the computer you would like to monitor and plug the cable into the other network device of the Network Monitoring Bridge.Plug the patch cable to one of the network devices on the Network Monitoring Bridge.To begin monitoring choose a place on your network that you would like to monitor as shown in the examples above.You will need to add allowed users to "wireshark" group. You will need to configure wireshark to allow non root users to capture packets. You can access it remotely with ssh -X even with no GUI on the server. But it does not need a GUI on the monitoring server to run. Simply pick the interface that is not between you and the core. NOTE: You can also pick eth0 or eth1 as the interface to prevent tracking your own monitoring traffic. # You must set this option, else darkstat may not listen to # Turn this to yes when you have configured the options below. Test ntop by browsing to Configuing DarkStatĮdit the configuration file: sudo nano /etc/darkstat/init.cfg Restart NTOP sudo /etc/init.d/ntop restart Set the admin password for NTOP (Enter the password for your sudo account) sudo ntop -set-admin-password INTERFACES="br0"Ĭonfigure NTOP to recognize your local subnet sudo nano /etc/default/ntopĬhange the GETOPTS variable to something like. Restart networking sudo /etc/init.d/networking restartĮdit ntop configuration sudo nano /var/lib/ntop/init.cfgĬhange the INTERFACES line to the name of your bridge. This is because br0 will bring up the components assigned to it. If you have used bridge utilities on older versions of Linux, you will note that auto eth0 and iface eth0 inet manual are not in the file. Sample /etc/network/interfaces file # This file describes the network interfaces available on your system You could easily modify the line iface bridge01 inet dhcp to be iface bridge01 192.168.1.2 netmask 255.255.255.0 up for a static IP address. The following example configuration configures the bridge via DHCP. NOTE: ntopng is a similar, but updated ntop that you may want to consider.Įdit /etc/network/interfaces to reflect your network topology. Install monitoring tools sudo apt-get install darkstat etherape ntop ssh traceroute wireshark zenmap Install bridge utilities from Main repository sudo apt-get install bridge-utils Do an ifconfig from the cli to find out what Ubuntu is actually calling your nics. This used to be eth0 and eth1, but now we have Predictable Network Interface Names which means they could be eth0, p3p1, p2p1, enp9s0, wlp9s0, or eno16777728. You will need to know your interfaces names. See InstallingSoftware for more information. You may begin with either a Desktop or Server installation of Ubuntu. If, however, you use 100 meg cards, you may need a crossover cable. If you use gigabit cards, you will not need a crossover cable to connect directly to another PC. (PCI will not support full gigabit speeds as you will fill the buss one way and have no room going back out.) Install two network cards on this machine and obtain a Patch cable. Almost any modern PC will be enough for moderate bandwidth, but if you need close to full gigabit speeds, you will need a more powerful CPU and buss. Network with monitoring: INTERNET Gateway firewall Network Monitoring Bridge Switch Local network Computersīegin with a PC. Network configuration: INTERNET Gateway firewall Switch Local network Computers Analyze network usage on a subnet at our University.Network with monitoring: LAN switch Network Monitoring Bridge Database server Network configuration: LAN switch Database server Analyze connection problems to local database server.For more information on what a bridge is see the Linux Documentation Project Bridging Howto. Several services are used for monitoring and they provide comprehensive statistics on network usage and throughput. (15/4/16) The bridge can be transparently plugged into any segment of a local subnet to analyze network traffic without disturbing network services. This document outlines the creation of a network monitoring bridge on Ubuntu 14.04 but should work on any supported versions at this time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |