Submitted by Jeffrey Botts
Latest posts by Guest Author (see all)
- FREE: File Permissions Check - Compare folder and file permissions - Fri, Feb 20 2015
- FREE: ABC-Deploy - Software deployment and inventory - Wed, Apr 16 2014
- FREE: AD Permissions Reporter - View Active Directory permissions - Fri, Feb 7 2014
What is NTop-XTRA? ^
When all is said and done, network traffic is a collection of computers talking to each other. ntop will show you - in an easy to digest form - a detailed breakdown of the conversations.
You’ll be able to see which computer is talking to which other computer, and what protocol(s) they are using. If you want to know who is utilizing your server the most then ntop is perfect for you. Do you have a WAN link that is full up and you don’t know why? Use ntop to break the traffic down so that you will see instantly where the bandwith is going.
Whether you are running on a 10Mb network or a gigabit Ethernet network you will find ntop scales well to suit your needs.
The great thing about ntop is that it decodes your network traffic for you, giving you the information you need without all of the technical detail you don’t need.
ntop is a high quality, scalable and reliable tool...you’ll wonder how you ever managed without it.
NTop-XTRA Features ^
- ntop sports a web based interface for browsing network traffic information as well as limited configuration and administration functionality.
- ntop runs as a service under Microsoft Windows so that you do not need to be logged in for it to work.
- Network traffic may be filtered so that only the traffic you specified is analyzed. So, for instance, if you’re only interested in the IP traffic you can filter out all other traffic. The filter language is the same as the packet capture filter language used by Ethereal and tcpdump.
ntop is a full featured tool, with hundreds of features, here is a summary of what ntop can do for you ^
- Display traffic statistics
- Breakdown the network protocols running on your network
- Store traffic statistics in RRDTool format for historical analysis and trending
- Assist with identifying your users
- Identify host operating systems without disturbing your network
- Breakdown IP traffic by conversation
- Breakdown IP traffic statistics by port
- Breakdown IP traffic by subnet
- Act as a NetFlow/sFlow probe and collector (as supported by Cisco, Juniper and Foundry devices
I prefer the OSSIM (Open Source Security Information Management) implementation of NTop because of its comprehensive network flow control and security scanning but it runs on Linux.