Assalamualaikum Wr.Wb.
By the grace and blessings of Allah SWT, I, Mr.Gagaltotal666, will
share with you how to Monitor Network Traffic with Ntopng
on Ubuntu Server 20.04 LTS GNU/Linux.
What is Ntopng?
ntopng is the next-generation version of the original ntop, a network traffic probe
that monitors network usage. ntopng is based on libpcap
and has been written in a portable way so that it can run on virtually
every Unix platform, on MacOSX and on Windows as well.
ntopng provides an encrypted and intuitive web user interface
for exploring realtime and historical
traffic information.
Main Features of Ntopng:
- Sort network traffic according to many criteria including
IP address, port, L7 protocol, throughput, Autonomous Systems (ASs)
- Show realtime network traffic and active hosts
- Produce long-term reports for several network metrics
including throughput and application protocols
- Top talkers (senders/receivers), top ASs, top L7 applications
- Monitor and report live throughput, network and application latencies,
Round Trip Time (RTT), TCP statistics (retransmissions,
out of order packets, packet lost), and bytes and packets transmitted
- Store on disk persistent traffic statistics to allow
future explorations and post-mortem analyses
- Geolocate and overlay hosts in a geographical map
- Discover application protocols (Facebook, YouTube, BitTorrent, etc)
by leveraging on nDPI, ntop Deep Packet Inspection (DPI) technology
- Characterise HTTP traffic by leveraging on characterisation services
provided by Google and HTTP Blacklist.
- Analyse IP traffic and sort it according to the source/destination.
- Report IP protocol usage sorted by protocol type
- Produce HTML5/AJAX network traffic statistics.
- Full support for IPv4 and IPv6
- Full Layer-2 support (including ARP statistics)
- GTP/GRE detunnelling
- Support for MySQL, ElasticSearch and LogStash export of monitored data
- Interactive historical exploration of monitored data exported to MySQL
- Alerts engine to capture anomalous and suspicious hosts
- SNMP v1/v2c support and continuous monitoring of SNMP devices
- Identity Management, including correlation of VPN users to traffic
Installing Ntopng on a GNU/Linux server
Ubuntu Server distribution
20.04 LTS Focal Fossa
sudo su
apt-get install software-properties-common wget
add-apt-repository universe
wget https://packages.ntop.org/apt/20.04/all/apt-ntop.deb
apt install ./apt-ntop.deb
18.04 LTS Bionic
sudo su
apt-get install software-properties-common wget
add-apt-repository universe
wget https://packages.ntop.org/apt/18.04/all/apt-ntop.deb
apt install ./apt-ntop.deb
16.04 LTS Xenial Xerus
sudo su
wget https://packages.ntop.org/apt/16.04/all/apt-ntop.deb
apt install ./apt-ntop.deb
Debian Server distribution
Debian 10 (Buster)
sudo su
wget https://packages.ntop.org/apt/buster/all/apt-ntop.deb
apt install ./apt-ntop.deb
Debian 9 (Stretch)
sudo su
wget https://packages.ntop.org/apt/stretch/all/apt-ntop.deb
apt install ./apt-ntop.deb
Debian 8 (Jessie)
sudo su
wget https://packages.ntop.org/apt/jessie/all/apt-ntop.deb
dpkg -i apt-ntop.deb
echo "deb http://archive.debian.org/debian jessie-backports main" >> /etc/apt/sources.list
echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until
apt-get update && apt-get install libjson-c2
Raspbian (stretch_pi)
To install the programs in Raspbian (stretch_pi) open your shell and type
echo "deb http://apt.ntop.org/stretch_pi armhf/" > /etc/apt/sources.list.d/ntop.list
echo "deb http://apt.ntop.org/stretch_pi all/" >> /etc/apt/sources.list.d/ntop.list
Installing ntopng Packages
apt-get clean all
apt-get update
apt-get install pfring-dkms nprobe ntopng n2disk cento
install the ZC drivers
apt-get install pfring-drivers-zc-dkms
install the nBox GUI
apt-get install nbox
install nedge
apt-get install nedge
Note that ntopng must not be installed together with nedge.
Remove ntopng before installing nedge. If you want to keep your
system up to date at all times:
apt-get update
apt-get upgrade
Configure Ntopng
After installing Ntopng, you need to change
the default Ntopng configuration file, located at /etc/ntopng/ntopng.conf:
sudo nano /etc/ntopng/ntopng.conf
Make the following changes:
-G=/var/run/ntopng.pid
## Specifies the network interface or collector endpoint to be used by ntopng for network monitoring.
-i=enp0s3
## Sets the HTTP port of the embedded web server.
-w=3000
Save and close the file, then create the file ntopng.start:
sudo nano /etc/ntopng/ntopng.start
Add the following lines according to your network:
--local-networks "192.168.1.0/24" ## give your local IP Ranges here.
--interface 1
Save and close the file, then restart Ntopng
and enable it to start at boot:
$ systemctl restart ntopng
$ systemctl enable ntopng
Access Ntopng
Ntopng is now installed and listening on port 3000. Now
open your web browser and enter the URL http://your-server-ip:3000.
You will be redirected to the following page:
Now enter the default username, admin,
and the password, admin.
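An added example (not part of the original post and not ntop's own code): a shell check that reads an ntopng.conf like the one written above and reports on which address and port the web interface listens and whether an HTTPS port is set. It assumes the [addr:]port form of -w and the -W (HTTPS port) option from ntopng's option help; the function names and the temporary sample file are hypothetical.

```shell
#!/bin/sh
# Added example: report where the ntopng web UI listens, from an ntopng.conf-style file.
# Assumes one "-x=value" or "--long=value" option per line, '#' starting a comment.

# Print the last value given for an option (short or long name); empty if unset.
conf_get() {  # usage: conf_get FILE SHORT LONG
    awk -v s="-$2" -v l="--$3" '
        /^[ \t]*#/ { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            eq = index(line, "=")
            if (eq == 0) next
            key = substr(line, 1, eq - 1)
            if (key == s || key == l) {
                val = substr(line, eq + 1)
                sub(/[ \t]+$/, "", val)
            }
        }
        END { print val }' "$1"
}

# Summarise the HTTP listener (-w takes [addr:]port) and whether -W (HTTPS) is set.
audit_web_listener() {  # usage: audit_web_listener FILE
    http=$(conf_get "$1" w http-port)
    https=$(conf_get "$1" W https-port)
    http=${http:-3000}            # no -w line: port 3000, as on this page
    case $http in
        :*)  addr=loopback ;;     # ":3000"              loopback only
        *:*) addr=${http%:*} ;;   # "192.168.1.10:3000"  one address
        *)   addr=all ;;          # "3000"               every address on the server
    esac
    tls=no
    if [ -n "$https" ]; then tls=yes; fi
    echo "http_addr=$addr http_port=${http##*:} https=$tls"
}

# Constructed sample: the settings from this page, written to a temporary file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
-G=/var/run/ntopng.pid
## Specifies the network interface or collector endpoint.
-i=enp0s3
## Sets the HTTP port of the embedded web server.
-w=3000
EOF
audit_web_listener "$sample"
```

On the server, call audit_web_listener /etc/ntopng/ntopng.conf. A result of http_addr=all with https=no means the login page, and the admin credentials typed into it, cross the network in clear text to any host that can reach the port.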
Okay, that is probably all about Ntopng.
If there are any mistakes or shortcomings,
please share your feedback.
That is all, and I hope it is useful.
Wasalamualaikum Wr.Wb.
Source: [ntopng]