37 C
Jaipur
Tuesday, April 13, 2021

How to Install Ntopng on Ubuntu 20.04

Must read

Ntopng is free, open-source software that provides a web interface for real-time network traffic monitoring. It is the next-generation version of the original ntop which shows the network usage, statistics, and analytic. It supports different operating systems like Linux, Mac OS, BSD, and Windows. There are professional and enterprise editions of Ntopng which have licensing requirements, and the free community edition.

In this tutorial, we will learn how to install ntopng tool on Ubuntu 20.04 and use it to monitor the local network.

Installing ntopng Repository

The ntopng package is not available in the Ubuntu 20.04 default repository, so we need to add the ntopng repository to APT.

First, update your base system with the latest available packages:

$sudo apt-get update -y

Next, install the required packages:

$ sudo apt-get install software-properties-common wget gnupg -y

Now download the package and add the ntopng repository:

$ sudo add-apt-repository universe
$ wget https://packages.ntop.org/apt/20.04/all/apt-ntop.deb

Once the package is downloaded, install it using the following command:

$ sudo apt install ./apt-ntop.deb

Install ntopng on the local server

First, update the apt since we added a new repository to our Ubuntu linux system:

$ sudo apt-get update -y

If you have done everything correctly, you should see the added repository in the terminal output:

Get:6 https://packages.ntop.org/apt/20.04 x64/ InRelease [2,153 B]
Get:7 https://packages.ntop.org/apt/20.04 all/ InRelease [2,153 B]
Get:8 https://packages.ntop.org/apt/20.04 x64/ Packages [4,108 B]
Get:9 https://packages.ntop.org/apt/20.04 all/ Packages [2,789 B]

Now install the ntopng and other required packages:

$ sudo apt-get install pfring-dkms nprobe ntopng n2disk cento -y

That’s it. The ntopng is successfully installed. Now we should configure the application and web interface.

Configure Ntopng

After ntopng installation you need to check which network interface you are using with the IP command:

$ ip a
 
 1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8 scope host lo
        valid_lft forever preferred_lft forever
     inet6 ::1/128 scope host 
        valid_lft forever preferred_lft forever
 2: eth0:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
     link/ether 08:00:27:14:86:db brd ff:ff:ff:ff:ff:ff
     inet 192.168.0.15/24 brd 192.168.0.255 scope global dynamic eth0
        valid_lft 86365sec preferred_lft 86365sec
     inet6 fe80::a00:27ff:fe14:86db/64 scope link 
        valid_lft forever preferred_lft forever

In our case, we use eth0 network interface for our local network, but you need to check for your own (in most cases it is eth0 for LAN).

Now, we need to edit the ntopng configuration located at /etc/ntopng/ntopng.conf and enter Network Interface, Port, and Location of the PID.

$ sudo nano /etc/ntopng/ntopng.conf

Now we need to adjust the config file to our needs. Make the following edits to reflect your settings (most important is the network interface and -w parameter for the port (-G parameter is already set by default):

-G=/var/run/ntopng.pid


-i=eth0


-w=3000

So, in our example, we have set the ntopng service to monitor the traffic on interface eth0.

Next, create a new configuration file and define your local network IP address range:

$ sudo nano /etc/ntopng/ntopng.start

Now add the following lines and change to your starting local IP address (/24 specifies all IP addresses from 0 to 255 in the local subnet):

--local-networks "192.168.0.0/24"
--interface 1

Next, we must restart Ntopng service and enable it to start on boot time:

$ sudo systemctl start ntopng
$ sudo systemctl enable ntopng

You can also check the status of the service with the following systemctl command:

$ systemctl status ntopng

Output:

● ntopng.service - ntopng high-speed web-based traffic monitoring and analysis tool
Loaded: loaded (/etc/systemd/system/ntopng.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2021-03-05 19:24:31 UTC; 34min ago
Main PID: 1252 (ntopng)
Tasks: 51 (limit: 1113)
Memory: 361.8M
CGroup: /system.slice/ntopng.service
└─1252 /usr/bin/ntopng /run/ntopng.conf

Mar 05 19:24:40 vagrant ntopng[1252]: 05/Mar/2021 19:24:40 [startup.lua:168] [lists_utils.lua:419] Updating list 'NoCoin Filter List' [https:>
Mar 05 19:24:40 vagrant ntopng[1252]: 05/Mar/2021 19:24:40 [startup.lua:168] [lists_utils.lua:419] Updating list 'SSLBL Botnet C2 IP Blacklis>

Access ntopng Web Interface

Ntopng is now installed and accessible on port 3000. Open your web browser and type the URL http://your-server-ip:3000. You will be redirected to the following login prompt:

Login form
Ntopng Login Form

Enter the default admin/admin login, then you will be asked to change the default password in order to access the ntopng dashboard:

Interfaces screen
Ntopng Interfaces Page
Ntopng System Overview
Ntopng System Overview
Ntopng Traffic Dashboard
Ntopng Traffic Dashboard

There is even a nice dark theme:

Ntopng Traffic Overview
Ntopng Traffic Overview
Ntopng Pools
Ntopng Pools

Conclusion

You have successfully installed ntopng software and web dashboard on your Ubuntu 20.04 server. Now you can proceed with configuring the ntopng using its web interface.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article