lilie795
asked on
Network monitoring
i am using fedora core 1. i use my linux as a router. eth0 is connected to xdsl modem. eth1 is connected to a stagging server and eth2 is connected to hub and spread the internet connection to the office network.
From my fc1, i would like to have a software that can monitor the network completed with eth0, eth1 and eth2 connection. in and out.
Any software that i can download for it? thanks
From my fc1, i would like to have a software that can monitor the network completed with eth0, eth1 and eth2 connection. in and out.
Any software that i can download for it? thanks
You don't say what sort of monitoring you need, but one possibility might be Ntop from http://www.ntop.org/
ASKER
monitoring the 3 network card activity and record any hacking activity from outside
That sound more like you are after an Intrusion Detection System (IDS). Probably the best of those is Snort (http://www.snort.org/).
ASKER
will the snort have the gui interface so i can how the traffic going
Snort doesn't do traffic statistics it is only conerned with detecting intrusions. I don't know of any tools that do both.
so i can "??" how the traffic going??
NTOP will give you a html based front end to view traffic, where it is going, where it came from, packet size, protocol etc - excellent tool
snort, with an additional front end like snortcenter will give you details on packet payload, to/from etc etc
"Snort is a software-based real-time network intrusion detection system that can be used to notify an administrator of a potential intrusion attempt."
A good article on setting up and using snort can be found at
http://www.linuxsecurity.com/feature_stories/feature_story-49.html
NTOP will give you a html based front end to view traffic, where it is going, where it came from, packet size, protocol etc - excellent tool
snort, with an additional front end like snortcenter will give you details on packet payload, to/from etc etc
"Snort is a software-based real-time network intrusion detection system that can be used to notify an administrator of a potential intrusion attempt."
A good article on setting up and using snort can be found at
http://www.linuxsecurity.com/feature_stories/feature_story-49.html
ASKER
i already download the ntop, the ntop-3.0-0.i386.rpm. I recieve a error:
Packages Not Found
libgd.so.1.8 ('ntop','3.0','0')
libgdome.so.0 ('ntop','3.0','0')
what is this actually?
Packages Not Found
libgd.so.1.8 ('ntop','3.0','0')
libgdome.so.0 ('ntop','3.0','0')
what is this actually?
I don't see an rpm specifically for Fedora. What did you download?
FYI: In the general case unless you can find an rpm built specifically for the Linux distro/version you are running you'll be better served by getting an SRPM or a source kit and building your own copy.
FYI: In the general case unless you can find an rpm built specifically for the Linux distro/version you are running you'll be better served by getting an SRPM or a source kit and building your own copy.
ASKER
i download it from ntop.org. but i choose the download for redhat version.
so what are the best network monitoring for fedora cora 1 and running under kde?
so what are the best network monitoring for fedora cora 1 and running under kde?
fedora core 1 rpm can be found at http://dag.wieers.com/packages/ntop/ntop-2.2-0.rhfc1.dag.i386.rpm
Packages Not Found
libgd.so.1.8 ('ntop','3.0','0') - this is provided by gd -http://atrpms.net/dist/fc1/gd/
libgdome.so.0 ('ntop','3.0','0') - this is provided by gdome - http://download.atrpms.net/production/packages/fedora-1-i386/atrpms/gdome2-0.8.1-3.rhfc1.at.i386.rpm
libgd.so.1.8 ('ntop','3.0','0') - this is provided by gd -http://atrpms.net/dist/fc1/gd/
libgdome.so.0 ('ntop','3.0','0') - this is provided by gdome - http://download.atrpms.net/production/packages/fedora-1-i386/atrpms/gdome2-0.8.1-3.rhfc1.at.i386.rpm
ASKER
why when i install the rpm file, there is icon showing for installing at my cursor. but then nothing happen. is it i have to install it manually?
I don't understand what you are saying.
install the rpms' from a command line using rpm -ivh file.rpm
If you have further trouble copy and paste the results from your install attempt into a comment.
If all goes well edit /etc/ntop.conf to your needs and then start ntop with "service ntop start" from command line. Open up a browser and go to http://localhost:3000
install the rpms' from a command line using rpm -ivh file.rpm
If you have further trouble copy and paste the results from your install attempt into a comment.
If all goes well edit /etc/ntop.conf to your needs and then start ntop with "service ntop start" from command line. Open up a browser and go to http://localhost:3000
ASKER
ok will try
ASKER
this the error message:
first i try to install ntop...the error come out...the system want the libgd.so.2..so i install the libgd...then i try installing again the ntop....and below is the error output.
[root@localhost src]# rpm -ivh ntop-3.0_fc-0.i386.rpm
error: Failed dependencies:
libgd.so.2 is needed by ntop-3.0_fc-0
[root@localhost src]# rpm -ivh libgd2-2.0.28-0_9.rhfc1.at
warning: libgd2-2.0.28-0_9.rhfc1.at
534c2b
Preparing... ##########################
1:libgd2 ##########################
[root@scvfc src]# rpm -ivh ntop-3.0_fc-0.i386.rpm
Preparing... ##########################
file /etc/logrotate.d/ntop from install of ntop-3.0_fc-0 conflicts with
file from package ntop-3.0-1.rhfc1.dag
file /etc/rc.d/init.d/ntop from install of ntop-3.0_fc-0 conflicts with
file from package ntop-3.0-1.rhfc1.dag
file /usr/bin/ntop from install of ntop-3.0_fc-0 conflicts with file fro
m package ntop-3.0-1.rhfc1.dag
file /usr/lib/libicmpPlugin-3.0
ts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/liblastSeenPlugin
flicts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libnetflowPlugin-
licts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libnfsPlugin-3.0.
s with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libntop-3.0.so from install of ntop-3.0_fc-0 conflicts wit
h file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libntopreport-3.0
ts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libpdaPlugin-3.0.
s with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/librrdPlugin-3.0.
s with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libsflowPlugin-3.
cts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libxmldumpPlugin-
file /usr/lib/ntop/plugins/icmp
file /usr/lib/ntop/plugins/last
file /usr/lib/ntop/plugins/netf
file /usr/lib/ntop/plugins/nfsP
file /usr/lib/ntop/plugins/pdaP
file /usr/lib/ntop/plugins/rrdP
file /usr/lib/ntop/plugins/sflo
file /usr/lib/ntop/plugins/xmld
file /usr/share/man/man8/ntop.8
first i try to install ntop...the error come out...the system want the libgd.so.2..so i install the libgd...then i try installing again the ntop....and below is the error output.
[root@localhost src]# rpm -ivh ntop-3.0_fc-0.i386.rpm
error: Failed dependencies:
libgd.so.2 is needed by ntop-3.0_fc-0
[root@localhost src]# rpm -ivh libgd2-2.0.28-0_9.rhfc1.at
warning: libgd2-2.0.28-0_9.rhfc1.at
534c2b
Preparing... ##########################
1:libgd2 ##########################
[root@scvfc src]# rpm -ivh ntop-3.0_fc-0.i386.rpm
Preparing... ##########################
file /etc/logrotate.d/ntop from install of ntop-3.0_fc-0 conflicts with
file from package ntop-3.0-1.rhfc1.dag
file /etc/rc.d/init.d/ntop from install of ntop-3.0_fc-0 conflicts with
file from package ntop-3.0-1.rhfc1.dag
file /usr/bin/ntop from install of ntop-3.0_fc-0 conflicts with file fro
m package ntop-3.0-1.rhfc1.dag
file /usr/lib/libicmpPlugin-3.0
ts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/liblastSeenPlugin
flicts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libnetflowPlugin-
licts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libnfsPlugin-3.0.
s with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libntop-3.0.so from install of ntop-3.0_fc-0 conflicts wit
h file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libntopreport-3.0
ts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libpdaPlugin-3.0.
s with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/librrdPlugin-3.0.
s with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libsflowPlugin-3.
cts with file from package ntop-3.0-1.rhfc1.dag
file /usr/lib/libxmldumpPlugin-
file /usr/lib/ntop/plugins/icmp
file /usr/lib/ntop/plugins/last
file /usr/lib/ntop/plugins/netf
file /usr/lib/ntop/plugins/nfsP
file /usr/lib/ntop/plugins/pdaP
file /usr/lib/ntop/plugins/rrdP
file /usr/lib/ntop/plugins/sflo
file /usr/lib/ntop/plugins/xmld
file /usr/share/man/man8/ntop.8
ASKER
and the i try to install forcely by using this command rpm -ivh --force ntop-3.0_fc-0.i386.rpm
and at Services..i can see the ntop service is check and running but the status are:
ERROR -
Configuration file /etc/ntop.conf does not exist!
Aborting...
and at Services..i can see the ntop service is check and running but the status are:
ERROR -
Configuration file /etc/ntop.conf does not exist!
Aborting...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i already install it succesfully...but i see only basic function...i cannot see what are the lan client surfing and what ip is accessing my server...or to spesific server such as who access the ftp server, who access the web server...
any other monitoring better than ntop?
any other monitoring better than ntop?