
In the next article we are going to take a look at Ntopng. It is a network traffic monitor that evolved from the original program known as Ntop, which was created by the English organization of the same name in 1998. Ntopng is a web-based application for monitoring network traffic, released under GPLv3. It will provide us with an intuitive and encrypted web user interface to explore network traffic information in real time and historically. This application is designed to be a high-performance, low-resource-consumption replacement for ntop. The name comes from "ntop next generation". Source code versions are available for the operating systems Unix, GNU/Linux, BSD, Mac OS X and Windows. Binary versions are available for CentOS, Ubuntu, and OS X.

The ntopng engine is written in C++, while the web interface is written in Lua. Ntopng is basically a network traffic probe that monitors network usage. It is based on libpcap, a library written as part of a larger program called tcpdump. Ntopng uses the Redis key-value server rather than a traditional database, leverages nDPI for protocol discovery, supports host geolocation, and can display real-time flow analysis for connected hosts.

Ntopng is available in three versions: Community (the free and open source version, hosted on GitHub and licensed under the GNU GPLv3), Professional and Enterprise. The Professional and Enterprise versions will offer us some additional features.

- Packet capture → Packet capture / transmission using commodity hardware with PF_RING. Zero-copy packet distribution across threads, applications, and virtual machines. Includes libpcap support for seamless integration with legacy applications.
- Traffic recording → Lossless network traffic recording at 10 Gbit and above with n2disk. It allows packets to be retrieved quickly using BPF. Accurate traffic reproduction with disk2n.
- Network probe → nProbe, an extensible NetFlow v5 / v9 / IPFIX probe with plug-in support for L7 content inspection.
- Report on the use of the IP protocol → Even going so far as to classify it by type of protocol.
- Traffic analysis → High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis leveraging nDPI, an open source DPI framework. Even going so far as to classify the traffic according to the source / destination.
- Geolocate and overlay hosts → This will be done on a geographic map.
- Alert engine → We can capture anomalous and suspicious hosts.
- Produce network traffic statistics → Using HTML5 / AJAX technology.
- Full support for current network protocols → Including IPv4 and IPv6.

You can consult all of them on the project website.

Installing ntopng on Ubuntu

To install this tool on Ubuntu 18.04, all you have to do is open a terminal (Ctrl + Alt + T) and write the following command in it:

The next thing we will have to do is edit the configuration file located at /etc/nf and uncomment the line of our network interface or add it:
