Analyzing data for information can be a cumbersome task on a computer network. However, it can be easier if we have the necessary tools for it. As is
In a simple and straightforward way, Ntopng is an application with a web interface that allows monitoring the traffic of a network. It has an open-source community version, released under the GPLv3 license and free for use. And it is considered a reference in this sector.
On the other hand, the application can be installed on Windows, Linux, and RaspberryPi. Within the Linux distributions, we find binaries for the most popular like Debian, Ubuntu, and CentOS. So availability is guaranteed.
So, some of its features include:
- Traffic Analysis
- Network Probe
- Traffic Recording
- Packet Capture
However, there are so many that I recommend you go to the project website to check them all.
So, let us install it.
Install Ntopng on Debian 10
The application has a repository dedicated to Debian 10 to facilitate the installation. This is the most efficient and secure method of installing Ntopng. Also, being added to the repository when there is an update we can get it from APT.
Then, let’s download a DEB package that adds and configures the Ntopng repository.
:~$ cd /tmp :~$ wget http://apt.ntop.org/buster/all/apt-ntop.deb
Then, install GPG so that the repository can be added correctly.
:~$ sudo apt install gpg
Now install the downloaded package to add the repository.
:~$ sudo dpkg -i apt-ntop.deb
So, with the repository already added, we need to refresh the source of APT packages.
:~$ sudo apt update
Finally, install ntopng and some of its modules with the following command:
:~$ sudo apt install pfring-dkms nprobe ntopng n2disk cento
Before using the web interface, it is necessary to make some previous configurations. For example, indicate the port where it will run. To do this, just edit the configuration file of the application:
:~$ sudo nano /etc/ntopng/ntopng.conf
As you can see in the image the value of -w defines the port that will use the web interface. You can place the one you want, but remember to open it in the firewall.
Also, we need to create a new file to define the range of IP addresses of our network. Also the default or active network interface.
:~$ sudo nano /etc/ntopng/ntopng.start
Then, restart the service to apply the changes:
:~$ sudo systemctl restart ntopng
Now, open your web browser and go to
http://your-server:[port] you will see the login page.
On the same page, you will see the default credentials. Username: admin and password: admin. Enter them. Then you can change it.
Finally, you will see the dashboard.
So, enjoy it.
Ntopng is a leader in high-level network monitoring. Thanks to its community version, it is possible to have it on our servers to help us with the task of monitoring the behavior of a network. Thanks to its repository in Debian we have been able to install it without major complications.