Language Selection

English French German Italian Portuguese Spanish

Using ntop, iftop and apachetop to Monitor Traffic on Ubuntu

Filed under

Using ntop, iftop and apachetop to Monitor Traffic on Ubuntu

Not monitoring your server's network traffic is the equivalent of driving a car with your eyes closed. You must at all times be aware of your server's traffic. Just checking the logs is simply not enough. The tools that I will show you today generate traffic statistics, and show traffic usage in realtime. Statistics that would be hard for you to obtain otherwise. For a secure server, using such tools is mandatory.


Ntop is a top-like application with a web frontend, designed to monitor network activity and generate reports on the console or via your web browser.

Installing Ntop on Ubuntu 8.04.1 Server

Article and code continues at:

More in Tux Machines

Security Leftovers

  • The internet apocalypse map hides the major vulnerability that created it
    During Friday’s massive distributed denial of service (DDoS) attack on DNS service provider Dyn, one might be forgiven for mistaking the maps of network outages for images of some post-apocalyptic nuclear fallout. Screenshots from sites like showed menacingly red, fuzzy heat maps of, well, effectively just population centers of the United States experiencing serious difficulty accessing Twitter, Github, Etsy, or any of Dyn's other high-profile clients. Aside from offering little detail and making a DDoS literally into a glowing red menace, they also obscured the reality of just how centralized a lot of internet infrastructure really is. DNS is ground zero for the uneasy tension of the internet’s presumed decentralized resilience and the reality that as of now, translating IP addresses into domain names requires some kind of centralized, hierarchical platform, and that’s probably not going to radically change anytime soon. Other maps provided by various business to business network infrastructure companies weren’t much more helpful. These maps seem to exist mostly to signal that the companies in question have lots of cool data and that it can be made into a flashy map — which might impress potential customers, but that doesn’t offer a ton of insights for the layperson. For example, threat intelligence company Norse's map appears to be mostly a homage to the Matthew Broderick movie War Games: a constant barrage of DDoS attacks beaming like space invader rockets across a world map. Akamai has an impressive 3D visualization that renders traffic as points beaming into the atmosphere. And website monitoring service Pingdom offers a dot map at such a far-out zoom level that it's essentially useless for seeking out more meaningful patterns than "outages happen in population centers, also there are a lot of outages."
  • CoreOS Patched Against the "Dirty COW" Linux Kernel Vulnerability, Update Now
  • World’s first hack-proof router launched
    Turris Omnia router, tagged the world’s first hack-proof router, was launched yesterday at the CES Unveiled Show in Prague, Czech Republic. As an essential part of any home internet network, routers are rather poorly secured and protected against cyber attack. More often than not, the only security feature is the default password. With easily required internet knowledge and some skills, these routers can be hacked, providing unauthorized access to a complete internet network. From there on, anything is possible.

ARM/FPGA module runs Linux on Arria 10 SoC

iWave’s rugged, Linux-friendly, 95 x 75mm “Arria 10 SoC Module” expands upon the dual-core, ARM/FPGA SoC from Altera with DDR4 and 24 transceivers. The iWave Systems Arria 10 SoC Module builds upon Intel/Altera’s Arria 10 SX SoC, a faster, newer sibling to the Cyclone V SX, which iWave tapped for its Qseven based iW-RainboW-G17M-Q7 COM and iW-RainboW-G17D development board combo. Both the Cyclone V SoC and Arria 10 SoC combine dual-core Cortex-A9 subsystems with FPGA circuitry, but the Arria 10 boosts the ARM clock speed to 1.5GHz, up from 800MHz, and offers a higher end FPGA. Read more

Ubuntu 16.10 Review

The list of major new features in Ubuntu 16.10 is impressive and interesting, but only if you are using the server product. Very little has changed on the desktop side of things other than the included packages being slightly newer. In fact, other than touting the number of applications available as Snaps, the only desktop-focused feature in the release announcement is a developer preview of Unity 8 desktop. To see what the desktop version of Ubuntu 16.10 has to offer compared to the previous 16.04 LTS release, I downloaded the 1.48GB ISO and gave it a try. Below, I take a look at what is new and different. I also take a look at the Unity 8 developer preview. Read more Also: Why is Ubuntu's Unity 8 development taking so long?

NVIDIA 375.10 vs. Linux 4.8 + Mesa 13.1-dev AMD GPU Benchmarks

In prepping for the GeForce GTX 1050 Linux graphics card reviews this week, I've been re-testing my various AMD and NVIDIA graphics cards atop the very latest driver stacks. As a precursor while waiting for the GeForce GTX 1050 Linux review in the days ahead, here are those fresh benchmarks of the other graphics cards. Read more