ntop
| ntop
|
|
|---|---|
|
|
| Basic data
|
|
| developer | u. a. Luca Deri |
| Current version | 4.1.0 (August 15, 2011) |
| Current preliminary version | 5.0.1 |
| operating system | various Unix derivatives and Windows |
| programming language | C. |
| category | Network monitoring |
| License | GPLv 2 |
| German speaking | No |
| ntop.org | |
ntop (network top) is an open source and free software with which network traffic can be recorded and analyzed. The name is based on the Unix program , as it analyzes all active network connections and can display them sorted according to various criteria. In the meantime, however, Ntop is also able to read in log files in order to evaluate these logs and thus also display them graphically.
The program was initiated by Luca Deri, an Italian scientist at the University of Pisa in June 1998, but is now being further developed by a broader development front.
Services
In terms of network technology, ntop should be located between OSI layer 2 (MAC) and 3 (IP).
The ntop GUI is implemented as a web server, the connection of which can optionally be encrypted using OpenSSL , and requires a web browser to view the output of the analyzes. The output is partly elaborately designed (JavaScript, speaking graphic elements). However, there is also the option of redirecting the output to a text file , similar to tcpdump .
sFlow and Netflow are supported as well as RRD and a large number of other protocols, including TCP / UDP / ICMP , (R) ARP , IPX , NetBIOS , AppleTalk , SMTP / POP / IMAP and SNMP . Depending on the hardware interface of the host in addition to Ethernet and Token Ring or Fiber Channel support.
The disadvantage of ntop is the lack of storage facilities for the collected network data. This means that collected information is lost when the program is restarted. Another problem is, on the one hand, the increased need for main memory, and on the other hand, ntop itself cannot be used permanently as a tool for graphic analysis, as is the case with MRTG, for example . However, this functionality is partially retrofitted using existing plugins. The RRD plug-in allows the regular storage of long-term data in RRD databases, which can then be used for long-term evaluations.