ntop is an open source network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and it has been written in a portable way. It includes support for popular tools and protocols such as NetFlow, sFlow, and RRD.
ntop is a hybrid layer 2 / layer 3 network monitor, that is by default it uses the layer 2 Media Access Control (MAC) addresses AND the layer 3 TCP/IP addresses.
ntop users can use a a web browser (e.g. Firefox) to navigate through ntop (that acts as a web server) traffic information and get a dump of the network status. In interactive mode, it displays the network status on the user’s terminal. In Web mode, it acts as a web server, creating a HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, a HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.
Key Features
- Sort network traffic according to many protocols including IPv4, IPv6, IPX, DecNet, AppleTalk, Netbios, OSI, DLC, (R)ARP, TCP/UDO, Fibre Channel, and more.
- Show network traffic sorted according to various criteria.
- Display traffic statistics.
- Traffic statistics are saved into RRD databases for long-run traffic analysis.
- Identify the identity (e.g. email address) of computer users.
- Passively (i.e. withou sending probe packets) identify the host OS.
- Show IP traffic distribution among the various protocols.
- Analyse IP traffic and sort it according to the source/destination.
- Display IP Traffic Subnet matrix (who’s talking to who?).
- Report IP protocol usage sorted by protocol type.
- Act as a NetFlow/sFlow collector for flows generated by routers (e.g. Cisco and Juniper) or switches (e.g. Foundry Networks).
- Internet Domain, AS (Autonomous Systems), VLAN (Virtual LAN) Statistics.
- Produce RMON-like network traffic statistics.
- Multithread and MP (MultiProcessor) support.
- Advanced ‘per user’ HTTP password protection with encrypted passwords.
- Python lightweight API for extending ntop via scripts.
- HTTPS (Secure HTTP via OpenSSL).
- VoIP support (SIP, Cisco SCCP and Asterisk IAX).
- NetFlow (including v5 and v9) and IPFIX support.
- Passive remote host fingerprint (courtesy of ettercap).
Website: www.ntop.org
Support:
Developer: Luca Deri and contributors
License: GNU General Public License v3.0
ntop is written in C. Learn C with our recommended free books and free tutorials.
Related Software
| Network 'top' Tools | |
|---|---|
| ntopng | Web-based network traffic monitoring application with an open source version |
| NetHogs | Groups bandwidth by process |
| nload | Real time network traffic monitor for the text console |
| IPTraf-ng | Fork of IPTraf |
| iftop | Displays bandwidth usage on an interface by host |
| ntop | Network traffic probe that shows the network usage |
| IPTraf | Interactive Colourful IP LAN Monitor |
| socktop | Remote system monitor with a rich TUI |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |