ntop for fun and profit.

Written by vidarlo on 20071016 in english and Linux and software with no comments.

ntop is a network monitoring utility, showing usage info about the network.

It’s quite nice for discovering bandwith hogs, average load, traffic stats etc. It graphs the usage for different protocols in more or less realtime, without much configuration. It’s as simple as firing up ntop -i eth0 and fire up a web browser to watch.

It identifies the individual hosts, their traffic, their peers, common p2p-protocols, has the ability to sniff DNS lookups going over the wire, so it won’t generate a query for each host.

Only downside is that it consumes quite some CPU if you want it to analyze traffic, and not just graph it. Analyzing a 100Mb link almost needs a dedicated server…

