Submitted by Jeffrey Botts
What is NTop-XTRA?
When all is said and done, network traffic is a collection of computers talking to each other. ntop will show you - in an easy to digest form - a detailed breakdown of the conversations.
You’ll be able to see which computer is talking to which other computer, and what protocol(s) they are using. If you want to know who is utilizing your server the most, then ntop is perfect for you. Do you have a WAN link that is full and you don’t know why? Use ntop to break the traffic down so that you will see instantly where the bandwidth is going.
Whether you are running on a 10Mb network or a gigabit Ethernet network you will find ntop scales well to suit your needs.
The great thing about ntop is that it decodes your network traffic for you, giving you the information you need without all of the technical detail you don’t need.
ntop is a high quality, scalable and reliable tool...you’ll wonder how you ever managed without it.
NTop-XTRA Features
- ntop sports a web based interface for browsing network traffic information as well as limited configuration and administration functionality.
- ntop runs as a service under Microsoft Windows so that you do not need to be logged in for it to work.
- Network traffic may be filtered so that only the traffic you specified is analyzed. So, for instance, if you’re only interested in the IP traffic you can filter out all other traffic. The filter language is the same as the packet capture filter language used by Ethereal and tcpdump.
ntop is a full-featured tool with hundreds of features. Here is a summary of what ntop can do for you:
- Display traffic statistics
- Break down the network protocols running on your network
- Store traffic statistics in RRDTool format for historical analysis and trending
- Assist with identifying your users
- Identify host operating systems without disturbing your network
- Break down IP traffic by conversation
- Break down IP traffic statistics by port
- Break down IP traffic by subnet
- Act as a NetFlow/sFlow probe and collector (as supported by Cisco, Juniper and Foundry devices)
I prefer the OSSIM (Open Source Security Information Management) implementation of NTop because of its comprehensive network flow control and security scanning but it runs on Linux.
NTOP-XTRA is a quick way to get some network information out of a Windows server/client in a pinch. I agree with the author that once one hits the Unix or Linux worlds there are better packages of ntop.
Haven’t seen that name in ages… I thought that by some alchemy they had “solved” the switched network “issue”… My switches are too stupid to be told what to do.
The tool is terrific! I downloaded and used it today. It’s so great! Thank you very much.
Hi Jacky,
I’m glad that you like it. I felt the same way about it when I found it.
If you like this, you should check out OSSIM. It is a Network Traffic Monitoring/Network Security system that installs on any Linux distro. There is an automated installer that installs everything for you on Debian. I changed to this once I found it, and run it as a VM in ESX.
It includes:
* Arpwatch, used for mac anomaly detection.
* P0f, used for passive OS detection and OS change analysis.
* Pads, used for service anomaly detection.
* Nessus, used for vulnerability assessment and for cross correlation (IDS vs Security Scanner).
* Snort, the IDS, also used for cross correlation with Nessus.
* Spade, the statistical packet anomaly detection engine. Used to gain knowledge about attacks without signature.
* Tcptrack, used for session data information which can grant useful information for attack correlation.
* Ntop, which builds an impressive network information database from which we can get aberrant behaviour anomaly detection.
* Nagios. Being fed from the host asset database it monitors host and service availability information.
* Osiris, a great HIDS.
* OCS-NG, Cross-Platform inventory solution.
* OSSEC, integrity, rootkit, registry detection and more.
Enjoy!
Jeff
Hi Jeff,
Thanks for your advice, but I’m not familiar with Linux now. Maybe I need to learn it more.
Your blog is so valuable, I used to have a look at it.
BTW, I’m from China, happy Labor Day!
I’m always looking for admin tools to add to my 8GB Toolkit (flash drive). Does NTop-XTRA fill the bill, or does it require a permanent hard drive home?
Hi Ronin,
Ntop-XTRA must be installed on a hard disk. You could use a USB Linux distro like Damn Small Linux with the persistent option and install the Linux version of Ntop on it and be able to run from a USB flash drive. It works quite well.
Jeff
“NOTE: This package is no longer updated or supported by OPENXTRA.” What’s the 411 with that?
ntop-xtra is no longer available on the home page, so where can I find a copy of it for win32? Have been googling but no luck. Any working URL, please?
hanu
Found that this one is still alive. Just click on the big green button to download. Once downloaded, extract it. The actual ntop-extra is inside another .exe file.
Oops, sorry forgot to paste the link:
http://www.wretch.cc/blog/ckm123/18713345
st3rling, thanks! I hope you checked the file with an anti-virus software. 😉
I did check it for viruses. Several times. Using different scans 🙂 Anyway, I already installed it and it works great!
With its support from its makers nonexistent, I’m a little hesitant about downloading it from the link provided by st3rling, and the nightmares that might be lurking. Of course, I’ll probably download it and give it a look anyway.
The one that @st3rling provided needs to be extracted one more time, so maybe we could use this one:
http://www.daysol.com/downloads/Utilities/NTop_XTRA_3_18_0.exe
Already uploaded to VirusTotal http://www.virustotal.com/
All of the 41 antivirus software reported clean 🙂
You can check out my upload result report or upload it again yourself:
http://www.virustotal.com/analisis/32b6e1ef4bbae73da7dfd4d03f557aba3d6ac7069731a4bdc0860ecfb97d0b6e-1257244304
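A clean scan result only covers the exact file that was uploaded, so a copy fetched from a mirror should be tied to the report by its hash before it is run. The sketch below is an added example, not part of the original comments; it assumes the old-style permalink above has the form `<SHA-256>-<Unix scan time>`, and the function names and the sample file are constructed for illustration.

```python
import hashlib
import hmac
import os
import re
import tempfile
from datetime import datetime, timezone

# Report permalink exactly as posted in the comment above.
REPORT_URL = ("http://www.virustotal.com/analisis/32b6e1ef4bbae73da7dfd4d03f557aba"
              "3d6ac7069731a4bdc0860ecfb97d0b6e-1257244304")
# Assumption: the last path segment is "<sha256 hex>-<Unix scan time>".
PERMALINK = re.compile(r"/analisis/([0-9a-fA-F]{64})-(\d+)$")


def parse_permalink(url):
    """Return (sha256_hex, scan_time_utc) taken from the permalink."""
    m = PERMALINK.search(url)
    if m is None:
        raise ValueError("not a <sha256>-<timestamp> permalink")
    return m.group(1).lower(), datetime.fromtimestamp(int(m.group(2)), tz=timezone.utc)


def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so a large installer is never held in memory whole."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def matches_report(path, url):
    """True only if the local file is byte-for-byte the file that was scanned."""
    expected, _ = parse_permalink(url)
    return hmac.compare_digest(sha256_file(path), expected)


def demo():
    """Constructed stand-in for a mirror download; it must NOT match the report."""
    with tempfile.NamedTemporaryFile(delete=False, suffix=".exe") as fh:
        fh.write(b"constructed sample bytes, not the real installer")
    try:
        return matches_report(fh.name, REPORT_URL)
    finally:
        os.remove(fh.name)

if __name__ == "__main__":
    print("report covers", *parse_permalink(REPORT_URL))
    print("sample file matches report:", demo())
```

A mismatch means the scan verdict says nothing about the local copy, and the scan time recovered from the permalink shows how old that verdict is.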
Hi Guys,
I am going to implement nTop on my network, but I am confused about which platform is good (Linux or Windows), and please can you tell me why?
I am looking forward to your reply.
Many Thanks
Nabilios