ntopng – Network Traffic Analysis and Flow Collection

ntopng is the next generation version of the original ntop, providing web-based network traffic monitoring...

Networking Tools Linux Open Source

ntopng is the next generation version of the original ntop, providing web-based network traffic monitoring and analysis. It offers real-time visibility into network flows, protocols, and hosts with an intuitive browser interface. Network administrators use ntopng to identify bandwidth hogs, detect anomalies, and understand traffic patterns across their infrastructure.

📑 Table of Contents

Key Features

  • Web Interface – Modern, responsive dashboard accessible from any browser
  • Flow Analysis – Deep packet inspection and flow classification
  • Protocol Detection – Identify applications using nDPI
  • Historical Data – Store and analyze traffic over time
  • Alerting – Threshold-based notifications
  • GeoIP – Geographic visualization of traffic sources
  • Active Monitoring – Continuous host discovery and service detection

Installation

# Debian/Ubuntu
wget https://packages.ntop.org/apt/22.04/all/apt-ntop.deb
sudo dpkg -i apt-ntop.deb
sudo apt update && sudo apt install ntopng

# RHEL/CentOS
sudo dnf install epel-release
sudo dnf install ntopng

# Start service
sudo systemctl start ntopng
sudo systemctl enable ntopng

Configuration

# /etc/ntopng/ntopng.conf
-i=eth0
-w=3000
-m=192.168.1.0/24
--community

# Access web interface
# http://localhost:3000
# Default: admin / admin

Command Line Options

# Run with specific interface
sudo ntopng -i eth0

# Multiple interfaces
sudo ntopng -i eth0 -i eth1

# Analyze pcap file
sudo ntopng -i /path/to/capture.pcap

Use Cases

ntopng is ideal for network monitoring, bandwidth management, troubleshooting connectivity issues, security analysis, and capacity planning.

Download ntopng

You May Also Like

ProxyChains – TCP Connection Proxy Router

lazydocker – Terminal UI for Docker

Was this article helpful?