Category: LINUX

2010-01-29 17:32:25

Installing and Configuring Ntop

 

Environment: Red Hat 5.3

ntop-3.2.tgz

Preparation:

# rpm -qa |grep php

# rpm -qa |grep gd

# rpm -qa | grep libpng

# rpm -qa | grep libxml

# rpm -qa | grep cgilib

# rpm -qa | grep rrdtool

[root@kaka ~]# rpm -qa | grep libpcap

libpcap-devel-0.9.4-14.el5

libpcap-0.9.4-14.el5

[root@kaka ~]# rpm -qa | grep gdbm

gdbm-devel-1.8.0-26.2.1

gdbm-1.8.0-26.2.1

Note: if libpcap-devel is not installed, ./configure fails with the following error:

 

checking for strerror... yes
checking for __FUNCTION__... yes
checking for floor in -lm... yes
checking for pcap_datalink in -lpcap... no

ERROR! Libpcap library/headers not found, go get it from

or use the --with-libpcap-* options, if you have it installed
in unusual place

 

Installation:

ntop

# tar zxvf ntop-3.2.tgz

# cd ntop-3.2

# ./configure --prefix=/usr/local/ntop

# make

# make install

 

Create a user named ntop; ntop will run as this user

# useradd ntop

# passwd ntop

 

Change the owner of the files to ntop

# chown -R ntop:ntop /usr/local/var/ntop

# chown -R ntop:ntop /usr/local/share/ntop

 

Configuration:

Set the admin password

# /usr/local/bin/ntop -P /usr/local/share/ntop/ -u ntop -A

 

Copy ntop's sample configuration file to /usr/local/etc/ntop/ntop.conf

 

# cp /usr/local/ntop/packages/RedHat/ntop.conf.sample /usr/local/etc/ntop/ntop.conf

[root@kaka ~]# sed -n '/^[^#]/p' /usr/local/etc/ntop/ntop.conf

--user ntop

--daemon

--db-file-path /usr/local/share/ntop/

--interface eth0

--trace-level 3 # Which is the default

--http-server 3000

--disable-schedyield
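
As an added example (not part of the original post), the following shell function reviews a configuration in this format for two security-relevant settings: whether ntop runs as an unprivileged user and whether the web interface is bound to a specific address. The function name audit_ntop_conf is hypothetical, the sample file is constructed from the listing above, and the [address:]port form of --http-server comes from ntop's man page rather than from this post.

```shell
#!/bin/sh
# Added example (not from the original post). Audits an ntop.conf written in the
# one-option-per-line format shown above. Returns 1 if any WARN is printed.
audit_ntop_conf() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comment and blank lines
        {
            sub(/[ \t]+#.*$/, "")                # drop trailing "# ..." comments
            if ($1 == "--user" || $1 == "-u")        user = $2
            if ($1 == "--http-server" || $1 == "-w") http = $2
        }
        END {
            warn = 0
            if (user == "" || user == "root") {
                print "WARN: --user is missing or set to root"; warn = 1
            } else
                print "OK: runs as user " user
            n = split(http, part, ":")           # value is [address:]port
            if (n == 0)
                print "INFO: --http-server not set, check the built-in default"
            else if (n == 1) {
                print "WARN: web UI on port " part[1] " listens on all addresses"; warn = 1
            } else if (part[1] == "127.0.0.1")
                print "OK: web UI bound to loopback, port " part[2]
            else
                print "INFO: web UI bound to " part[1] ", port " part[2]
            exit warn
        }
    ' "$1"
}

# Constructed sample: the active lines of the ntop.conf listed in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
--user ntop
--daemon
--db-file-path /usr/local/share/ntop/
--interface eth0
--trace-level 3 # Which is the default
--http-server 3000
--disable-schedyield
EOF
audit_ntop_conf "$sample" || echo "review the WARN lines above"
rm -f "$sample"
```

With the configuration from the post, the function reports that the web UI on port 3000 listens on all addresses; a value such as 127.0.0.1:3000 restricts it to the local host.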

 

Startup:

[root@kaka ~]# /usr/local/bin/ntop -P /usr/local/share/ntop/ -u ntop -c -d -i eth0

Wed Jan 27 20:55:04 2010  NOTE: Interface merge enabled by default

Wed Jan 27 20:55:04 2010  **WARNING** Trailing slash removed from argument for option -P | --db-file-path

Wed Jan 27 20:55:04 2010  Initializing gdbm databases

Wed Jan 27 20:55:04 2010  ntop v.3.2 SourceForge .tgz

Wed Jan 27 20:55:04 2010  Configured on Jan 27 2010 17:48:21, built on Jan 27 2010 17:54:15.

Wed Jan 27 20:55:04 2010  Copyright 1998-2005 by Luca Deri

Wed Jan 27 20:55:04 2010  Get the freshest ntop from

Wed Jan 27 20:55:04 2010  NOTE: ntop is running from '/usr/local/bin'

Wed Jan 27 20:55:04 2010  NOTE: (but see warning on man page for the --instance parameter)

Wed Jan 27 20:55:04 2010  NOTE: ntop libraries are in '/usr/local/lib'

Wed Jan 27 20:55:04 2010  Initializing ntop

Wed Jan 27 20:55:04 2010  Checking eth0 for additional devices

Wed Jan 27 20:55:04 2010  Resetting traffic statistics for device eth0

Wed Jan 27 20:55:04 2010  DLT: Device 0 [eth0] is 1, mtu 1514, header 14

Wed Jan 27 20:55:04 2010  Initializing gdbm databases

Wed Jan 27 20:55:04 2010  VENDOR: Loading MAC address table.

Wed Jan 27 20:55:04 2010  VENDOR: Checking for MAC address table file

Wed Jan 27 20:55:04 2010  VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded

Wed Jan 27 20:55:04 2010  VENDOR: ntop continues ok

Wed Jan 27 20:55:04 2010  VENDOR: Checking for MAC address table file

Wed Jan 27 20:55:04 2010  VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded

Wed Jan 27 20:55:04 2010  VENDOR: ntop continues ok

Wed Jan 27 20:55:04 2010  Fingeprint: Loading signature file.

Wed Jan 27 20:55:04 2010  Fingeprint: ...loaded 1697 records

Wed Jan 27 20:55:04 2010  INIT: Parent process is exiting (this is normal)

Wed Jan 27 20:55:04 2010  INIT: Bye bye: I'm becoming a daemon...

 

-P specifies the directory, -u the user, and -i the network interface

 

[root@kaka ~]# nmap 192.168.3.193

 

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2010-01-27 20:55 CST

Interesting ports on localhost (192.168.3.193):

Not shown: 1673 closed ports

PORT     STATE SERVICE

21/tcp   open  ftp

22/tcp   open  ssh

80/tcp   open  http

111/tcp  open  rpcbind

852/tcp  open  unknown

3000/tcp open  ppp

3306/tcp open  mysql

 

Port 3000 is found to be open

 

Enter 3000/ in the browser and the monitoring interface appears
