Linux Advisory Watch – October 31st 2003


Author: Benjamin D. Thomas

This week, advisories were released for libnids, thttpd, apache2, gdm, and fetchmail. The distributors
include Conectiva, Debian, Mandrake, and Slackware.

One of my favorite Linux network tools has always been ntop. For those of you who haven’t used it, ntop
is a command line tool used to gather information about network traffic. It
is similar to ‘top,’ another command line tool that is used to report CPU and
other resource usage. Ntop can be used for traffic measurement, monitoring,
network usage analysis, and as a security violation detection tool. Ntop can
be downloaded from http://www.ntop.org, and
it is available for a wide range of operating systems.

Ntop has a relatively active community
around it. If you need support, there are several mailing lists available.
Also, the Web site provides several usage guides, so using the tool to its fullest
extent should not be a problem. The documentation provides all of the information
that is necessary. Ntop gives administrators an easy way to identify
bandwidth utilization problems, hosts in promiscuous mode, and the
use of duplicate IP addresses.

One of the more interesting features
is that ntop can be started in Web mode. For example, ‘prompt$ ntop -w 3000’
will allow a remote user to access ntop information at http://server.domain.com:3000.

One of the drawbacks is that ntop
is not as robust as some of the enterprise traffic monitoring systems. The small-time
system administrator should see that as a virtue though. If you only have several
machines to keep track of, it has all the power that you would ever need. Normally,
this is a tool that I use when trying to diagnose problems. Often, other network
reporting tools are too verbose. Ntop provides just enough information quickly,
in order to make decisions that may affect configuration changes.

By now, hopefully most of you have
used, or consistently use ntop. If not, I urge you to take a look. Ntop can
be a great solution to satisfying your curiosity when you would like to know
what is happening on your network at any given moment.

Until next time, cheers!
Benjamin D. Thomas

LinuxSecurity Feature Extras:

EnGarde GDSN Subscription Price Reduction

– Guardian Digital, the world’s premier open source security company, announced
today that they will be reducing the annual subscription cost of the Guardian
Digital Secure Network for EnGarde Community users from $229 to $60 for a
limited time.

R00ting The Hacker

– Dan Verton, the author of The Hacker Diaries: Confessions of
Teenage Hackers, is a former intelligence officer in the U.S. Marine Corps
who currently writes for Computerworld and CNN.com, covering national cyber-security
issues and critical infrastructure protection.


Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.
