If you are using HeX, you can track your network statistic easily with the use of both darkstat and ntop, and here I will show you the simple way of doing it. Both darkstat and ntop are accessible through the right click menu -> NSM-Toolkit -> Session -> Darkstat or Ntop.
It is pretty straighforward to get darkstat to run -
It is pretty straighforward to get darkstat to run -
shell>sudo darkstat -i lnc0 -b 127.0.0.1 -p 5555
To run ntop -
Set the admin password so that you can access to the web interface -
shell>sudo ntop -u nobody --set-admin-password=whatever
shell>sudo chmod 777 /var/db/ntop
In order to make it start on boot, I add this part to the file - /etc/rc.conf
ntop_enable="YES"
ntop_flags="-i lnc0 -w 127.0.0.1:3000 -d --use-syslog=daemon"
Then I start it -
shell>/usr/local/etc/rc.d/ntop start
Now you can access the web gui by typing this in your browser -
Darkstat
http://127.0.0.1:5555
Ntop
http://127.0.0.1:3000
If you are opening this via localhost, you may figure firefox browser won't be displaying the graphs properly even you have java script enabled in the browser, here's simple trick to fix it, just do -
shell>rm -rf ~/.mozilla/firefox
Restart your firefox and you are done.
Some screenies below -
I will continue to write the tips and tricks for the HeX liveCD, if you find any network security monitoring tools that listed in the menu you want to use but don't know how, feel free to email me and I will post the write up. In fact I'm thinking of doing screencast tutorial, let me know what do you guys think about that?
Enjoy (;])
2 comments:
Hi,
Have installed Hex and am trying to follow above. Assume it should say "sudo chmod 777 /var/db/ntop" because I get an error otherwise. However, at next step firefox doesnt find anything on either 127.0.0.1:5554 or port 3000.
Please advise how to check that service is running?
JS
try ps ax
Post a Comment