Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 387
  • Last Modified:

nbox/ntopng 1.2 on Ubuntu 14 & User Groups

I have setup nbox/topng on Ubuntu 14 powered by a Dell PowerEdge 2950 using this package:  http://www.nmon.net/apt-stable/

I have two eth adapters, eth0 for management and eth1 for ntopng. Eth1 is plugged into a SPAN destination port on a Cisco 2940 switch with SPAN configured to source the port my router is attached to. It appears to be picking up flows properly.

My Questions:
1. What benefits are there to moving off of a SPAN design and over to a nProbe/Netflow design
2. How do I add non-admin users and/or groups in the ntopng portal, I only see the option to add admin level users.
0
Freda Driscoll-Sbar
Asked:
Freda Driscoll-Sbar
  • 2
  • 2
1 Solution
 
eeRootCommented:
1) The monitor session will use a bit CPU & memory on the 2940.  If you are seeing high CPU/mem utilization, then you may need to remove the monitor session from the switch.  A hardware tap avoids this problem.

2) Can you create a group for users, then add users to that group?
0
 
Freda Driscoll-SbarDirector of System OperationsAuthor Commented:
Switch CPU is averaging 30%, don't see this as an issue. Ubuntu server load is under 1%.

I don't see any option to create a group under the User management screen in ntopng (see attached). The plus sign button in the top right only offers an Add User option, no group or level of access options.
ntop.bmp
0
 
eeRootCommented:
Apparently, Ntopng requires using the CLI to add users with specific group names by editing the file ntopng-users.conf.  See page 28 on this doc.

https://svn.ntop.org/svn/ntop/trunk/ntopng/doc/UserGuide.pdf

There does not appear to be any info on how to control what the different groups can access though.
0
 
Freda Driscoll-SbarDirector of System OperationsAuthor Commented:
thank you; we decided to just use NetFlow on PRTG instead.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now