Ntop: Beyond Ping and Traceroute
The task of network management is becoming iiicreasingly complex due to the increasing mmber of networked computers running different operating systems and speaking various network protocols. Most of network monitoring and diagnostic tools such as ping and traceroute are suitable just for tackling simple connectivity problems. Complex network problems often need to be addressed using rather expensive management tools or probes affordable only by mid-large companies.
This paper covers the design and the implementation of ntop, an open-source web-based network usage monitor that enables users to track relevant network activities including network utilisation, established connections, network protocol usage and traffic classification. ntop’s portability across various platforms, its support of many network media, ease of use and lightweight CPU utilisation makes it suitable for people who want to monitor their network without having to adopt a sophisticated yet expensive management platform.
KeywordsPacket Loss Hash Table Network Management Network Flow Traffic Classification
- 1.Abell V.: hf, ftp://vic.cc.purdue.edu/pub/tools/unix/lsof/ (1 998).
- 2.Apostals E.: queso, http://www.apostols.org/ (1998).
- 3.Binns R.: top (1993).Google Scholar
- 4.BrownIee N.: NeTraMet v.4.2 Users’ Guide, http://WWW.auckland.an.nz/net/Accounting/ (1998).
- 5.Claerhout B.: IP Spoof (1996).Google Scholar
- 6.Deri L.: Droplets: Breaking Monolithic Applications Apart, IBM Research Report RZ 2799 (1 995).Google Scholar
- 7.Deri L.: Surfin’ Network Management Applications Across the Web, Proceedings of 2nd Xnt. IEEE Workshop on System and Network Management (1996).Google Scholar
- 8.Fyodor: Remote 0s detection via TCP/IP stack fingerprinting, http://www.insecure.org/nmap/nmap-fingerprinting-article.txt (1998).
- 9.Jacobson V., Leres C., and McCanne S.: tcpdump, Lawrence Berkeley National Labs, ftp://ftp. ee. lbl.gov/ (1989).
- 10.Jander M.: Web-based Management: Welcome to the Revolution, Data Communications (1996).Google Scholar
- 11.S. McCanne and V. Jacobson: The BSD Packer Filter: A New Architecture for User-level Packet Capture, Proc. of 1993 Winter USENIX Conference, 1993.Google Scholar
- 12.S. McCanne, C. Leres and V. Jacobson: libpcap, Lawrence Berkeley National Labs, ftp://ftp.ee.lbl.gov/ (1994).
- 13.Microsoft Corporation: NDIS Packet Driver 3.0 (1996).Google Scholar
- 14.Ranum M., and others: Implementing a Generalized Tool for Network Monitoring, Proc. of LISA’97, USENIX 1 1 th System Administration Conference, http://www.nfr.com/forum/publications/LISA-97.htm (1997).
- 15.Raymond E.: The Cathedral and the Bazaar, http://www.tuxedo.org/-esr/ (1998).
- 16.Stevens R.: UNIX Network Programming, Volume 1, 2nd Edition (1998).Google Scholar
- 17.Waldbusser S.: Remote Network Monitoring Management Information Base, RFC 1757 (1995).Google Scholar
- 18.Free Software Foundation, GNU gdbm, http://www.gnu.org/software/gdbm/ (1999).