• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 323
  • Last Modified:

Network monitoring

i am using fedora core 1. i use my linux as a router. eth0 is connected to xdsl modem. eth1 is connected to a stagging server and eth2 is connected to hub and spread the internet connection to the office network.

From my fc1, i would like to have a software that can monitor the network completed with eth0, eth1 and eth2 connection. in and out.

Any software that i can download for it? thanks
0
lilie795
Asked:
lilie795
  • 9
  • 5
  • 4
1 Solution
 
jlevieCommented:
You don't say what sort of monitoring you need, but one possibility might be Ntop from http://www.ntop.org/
0
 
lilie795Author Commented:
monitoring the 3 network card activity and record any hacking activity from outside
0
 
jlevieCommented:
That sound more like you are after an Intrusion Detection System (IDS). Probably the best of those is Snort (http://www.snort.org/).
0
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

 
lilie795Author Commented:
will the snort have the gui interface so i can how the traffic going
0
 
jlevieCommented:
Snort doesn't do traffic statistics it is only conerned with detecting intrusions. I don't know of any tools that do both.
0
 
xscousrCommented:
so i can "??" how the traffic going??

NTOP will give you a html based front end to view traffic, where it is going, where it came from, packet size, protocol etc - excellent tool
snort, with an additional front end like snortcenter will give you details on packet payload, to/from etc etc
"Snort is a software-based real-time network intrusion detection system that can be used to notify an administrator of a potential intrusion attempt."

A good article on setting up and using snort can be found at

http://www.linuxsecurity.com/feature_stories/feature_story-49.html
0
 
lilie795Author Commented:
i already download the ntop, the ntop-3.0-0.i386.rpm. I recieve a error:

Packages Not Found

libgd.so.1.8           ('ntop','3.0','0')
libgdome.so.0       ('ntop','3.0','0')

what is this actually?
0
 
jlevieCommented:
I don't see an rpm specifically for Fedora. What did you download?

FYI: In the general case unless you can find an rpm built specifically for the Linux distro/version you are running you'll be better served by getting an SRPM or a source kit and building your own copy.
0
 
lilie795Author Commented:
i download it from ntop.org. but i choose the download for redhat version.

so what are the best network monitoring  for fedora cora 1 and running under kde?
0
 
xscousrCommented:
0
 
xscousrCommented:
Packages Not Found

libgd.so.1.8           ('ntop','3.0','0')   - this is provided by gd -http://atrpms.net/dist/fc1/gd/
libgdome.so.0       ('ntop','3.0','0')    -  this is provided by gdome - http://download.atrpms.net/production/packages/fedora-1-i386/atrpms/gdome2-0.8.1-3.rhfc1.at.i386.rpm
0
 
lilie795Author Commented:
why when i install the rpm file, there is icon showing for installing at my cursor. but then nothing happen. is it i have to install it manually?
0
 
xscousrCommented:
I don't understand what you are saying.

install the rpms' from a command line using rpm -ivh file.rpm
If you have further trouble copy and paste the results from your install attempt into a comment.

If all goes well edit /etc/ntop.conf to your needs and then start ntop with "service ntop start" from command line. Open up a browser and go to http://localhost:3000




0
 
lilie795Author Commented:
ok will try
0
 
lilie795Author Commented:
this the error message:

first i try to install ntop...the error come out...the system want the libgd.so.2..so i install the libgd...then i try installing again the ntop....and below is the error output.

[root@localhost src]# rpm -ivh ntop-3.0_fc-0.i386.rpm
error: Failed dependencies:
        libgd.so.2 is needed by ntop-3.0_fc-0
[root@localhost src]# rpm -ivh libgd2-2.0.28-0_9.rhfc1.at.i386.rpm
warning: libgd2-2.0.28-0_9.rhfc1.at.i386.rpm: V3 DSA signature: NOKEY, key ID 66
534c2b
Preparing...                ########################################### [100%]
   1:libgd2                 ########################################### [100%]
[root@scvfc src]# rpm -ivh ntop-3.0_fc-0.i386.rpm
Preparing...                ########################################### [100%]
        file /etc/logrotate.d/ntop from install of ntop-3.0_fc-0 conflicts with
file from package ntop-3.0-1.rhfc1.dag
        file /etc/rc.d/init.d/ntop from install of ntop-3.0_fc-0 conflicts with
file from package ntop-3.0-1.rhfc1.dag
        file /usr/bin/ntop from install of ntop-3.0_fc-0 conflicts with file fro
m package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libicmpPlugin-3.0.so from install of ntop-3.0_fc-0 conflic
ts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/liblastSeenPlugin-3.0.so from install of ntop-3.0_fc-0 con
flicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libnetflowPlugin-3.0.so from install of ntop-3.0_fc-0 conf
licts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libnfsPlugin-3.0.so from install of ntop-3.0_fc-0 conflict
s with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libntop-3.0.so from install of ntop-3.0_fc-0 conflicts wit
h file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libntopreport-3.0.so from install of ntop-3.0_fc-0 conflic
ts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libpdaPlugin-3.0.so from install of ntop-3.0_fc-0 conflict
s with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/librrdPlugin-3.0.so from install of ntop-3.0_fc-0 conflict
s with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libsflowPlugin-3.0.so from install of ntop-3.0_fc-0 confli
cts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/libxmldumpPlugin-3.0.so from install of ntop-3.0_fc-0 conf                                            licts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/icmpPlugin.so from install of ntop-3.0_fc-0 c                                            onflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/lastSeenPlugin.so from install of ntop-3.0_fc                                            -0 conflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/netflowPlugin.so from install of ntop-3.0_fc-                                            0 conflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/nfsPlugin.so from install of ntop-3.0_fc-0 co                                            nflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/pdaPlugin.so from install of ntop-3.0_fc-0 co                                            nflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/rrdPlugin.so from install of ntop-3.0_fc-0 co                                            nflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/sflowPlugin.so from install of ntop-3.0_fc-0                                             conflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/lib/ntop/plugins/xmldumpPlugin.so from install of ntop-3.0_fc-                                            0 conflicts with file from package ntop-3.0-1.rhfc1.dag
        file /usr/share/man/man8/ntop.8.gz from install of ntop-3.0_fc-0 conflic                                            t
0
 
lilie795Author Commented:
and the i try to install forcely by using this command rpm -ivh --force ntop-3.0_fc-0.i386.rpm

and at Services..i can see the ntop service is check and running but the status are:

ERROR -
        Configuration file /etc/ntop.conf does not exist!

Aborting...
0
 
xscousrCommented:
it looks like you alredy have ntop installed, version  ntop-3.0-1.rhfc1.dag,

delete both with an rpm -e  ntop-3.0-1.rhfc1.dag and rpm -e ntop-3.0_fc-0.i386.rpm
then install only one package -

rpm -ivh  ntop-3.0-1.rhfc1.dag

then run service ntop start, if it does not start automatically after install.
it'll run with all the defaults set - check the ntop man page for details on configuration.

open your browser to http://localhost:3000




0
 
lilie795Author Commented:
i already install it succesfully...but i see only basic function...i cannot see what are the lan client surfing and what ip is accessing my server...or to spesific server such as who access the ftp server, who access the web server...

any other monitoring better than ntop?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

  • 9
  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now