Posted by: sutrisno | July 10, 2009

Instalasi NTOP di mandriva 2008

Di tengah kesibukan sebagai kuli di PT Samudera Indonesia khususnya di PT Mtcon.aku tambah ilmu lagi dari sini,ini juga dari teman -teman sesama team Kampret(sebutan kami).Sudah lama vakum menulis di wordpress….jadi ingin menulis pengalaman lagi neh….

O ya ini ada sedikit catatan tutorial yang pernah saya praktikkan ,maaf tulisannya jelek dan awut-awutan…karena ini untuk konsumsi diri sendiri….narsis deh ….
Inilah langkah menginstall Ntop di mandriva 2008
[dudul@kampretmtcon tutorial]$ su
Password:
[root@kampretmtcon tutorial]# urpmi graphviz

ftp://ftp.riken.go.jp/pub/Linux/mandrake/official/2008.1/i586/media/main/updates/graphviz-2.16.1-3.1mdv2008.1.i586.rpm
installing graphviz-2.16.1-3.1mdv2008.1.i586.rpm from /var/cache/urpmi/rpms
Preparing… #############################################
1/1: graphviz #############################################
[root@kampretmtcon tutorial]# urpmi rrdtool rrdcollect rrdtool-tcl
[root@kampretmtcon tutorial]# mkdir /var/lib/ntop/rrd
[root@kampretmtcon tutorial]# mkdir /var/lib/ntop/rrd/graphics
[root@kampretmtcon tutorial]# mkdir /var/lib/ntop/rrd/flows
[root@kampretmtcon tutorial]# mkdir /var/lib/ntop/rrd/interfaces
[root@kampretmtcon tutorial]# chown ntop.ntop /var/l
lib/ local/ lock/ log/
[root@kampretmtcon tutorial]# chown ntop.ntop /var/lib/ntop/rrd/
[root@kampretmtcon tutorial]#

[root@kampretmtcon tutorial]# chmod 777 /var/lib/ntop/
[root@kampretmtcon tutorial]# urpmi ntop

ftp://ftp.riken.go.jp/pub/Linux/mandrake/official/2008.1/i586/media/contrib/release/ntop-3.3-3mdv2008.1.i586.rpm
installing ntop-3.3-3mdv2008.1.i586.rpm from /var/cache/urpmi/rpms
Preparing… #############################################
1/1: ntop #############################################
———————————————————————-
More information on package ntop-3.3-3mdv2008.1.i586
There are some manual steps you need to do, first start /usr/sbin/ntop to set
the admin password, please consilte the docs/1STRUN.txt file for more info. After
that change directory to /etc/ntop and execute the makecert.sh script to
generate the ntop-cert.pem file.

Have fun!
———————————————————————-
[root@kampretmtcon tutorial]#ntop -set-admin-password
Mon Jul 13 10:55:39 2009 NOTE: Interface merge enabled by default
Mon Jul 13 10:55:39 2009 Initializing gdbm databases
Mon Jul 13 10:55:39 2009 ntop will be started as user nobody
Mon Jul 13 10:55:39 2009 **WARNING** -s set so will ATTEMPT to open interface w
/o promisc mode (this will probably fail below)
Mon Jul 13 10:55:39 2009 ntop v.3.3
Mon Jul 13 10:55:39 2009 Configured on Mar 26 2008 8:08:32, built on Mar 26 20
08 08:08:55.
Mon Jul 13 10:55:39 2009 Copyright 1998-2007 by Luca Deri
Mon Jul 13 10:55:39 2009 Get the freshest ntop from http://www.ntop.org/
Mon Jul 13 10:55:39 2009 NOTE: ntop is running from ‘ntop’
Mon Jul 13 10:55:39 2009 NOTE: (but see warning on man page for the –instance
parameter)
Mon Jul 13 10:55:39 2009 NOTE: ntop libraries are in ‘/usr/lib’
Mon Jul 13 10:55:39 2009 Initializing ntop
Mon Jul 13 10:55:39 2009 No patterns to load: protocol guessing disabled.
Mon Jul 13 10:55:39 2009 Checking eth0 for additional devices
Mon Jul 13 10:55:39 2009 Resetting traffic statistics for device eth0
Mon Jul 13 10:55:39 2009 Initializing device eth0 (0)
Mon Jul 13 10:55:39 2009 DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Mon Jul 13 10:55:39 2009 Initializing gdbm databases
Mon Jul 13 10:55:39 2009 VENDOR: Loading MAC address table.
Mon Jul 13 10:55:39 2009 VENDOR: Checking for MAC address table file
Mon Jul 13 10:55:39 2009 VENDOR: Loading newer file ‘/etc/ntop/specialMAC.txt.g
z’
Mon Jul 13 10:55:39 2009 VENDOR: …found 61 lines
Mon Jul 13 10:55:39 2009 VENDOR: …loaded 59 records
Mon Jul 13 10:55:39 2009 VENDOR: Checking for MAC address table file
Mon Jul 13 10:55:39 2009 VENDOR: Loading newer file ‘/etc/ntop/oui.txt.gz’
Mon Jul 13 10:55:41 2009 VENDOR: …found 70000 lines
Mon Jul 13 10:55:41 2009 VENDOR: …loaded 11006 records
Mon Jul 13 10:55:41 2009 Fingerprint: Loading signature file
Mon Jul 13 10:55:41 2009 Fingerprint: Checking for Fingerprint file… file
Mon Jul 13 10:55:41 2009 Fingerprint: Loading file ‘/etc/ntop/etter.finger.os.g
z’
Mon Jul 13 10:55:41 2009 Fingerprint: …loaded 1765 records
Mon Jul 13 10:55:41 2009 ASN: Checking for Autonomous System Number table file
Mon Jul 13 10:55:41 2009 **WARNING** ASN: Unable to open file ‘AS-list.txt’
Mon Jul 13 10:55:41 2009 I18N: This instance of ntop does not support multiple
languages
Mon Jul 13 10:55:41 2009 IP2CC: Checking for IP address Country Code mappin
g file
Mon Jul 13 10:55:41 2009 IP2CC: Loading file ‘/etc/ntop/p2c.opt.table.gz’
Mon Jul 13 10:55:41 2009 IP2CC: …found 52395 lines
Mon Jul 13 10:55:41 2009 **ERROR** Failed to connect to MySQL: Access denied fo
r user ‘root’@’localhost’ (using password: NO) [localhost:root::ntop]
Mon Jul 13 10:55:41 2009 Initializing external applications
Mon Jul 13 10:55:41 2009 THREADMGMT[t3052530576]: NPA: network packet analyzer
(packet processor) thread running [p8631]
Mon Jul 13 10:55:41 2009 THREADMGMT[t3052530576]: NPA: Started thread for netwo
rk packet analyzer (eth0)
Mon Jul 13 10:55:41 2009 THREADMGMT[t3043965840]: SFP: Fingerprint scan thread
starting [p8631]
Mon Jul 13 10:55:41 2009 THREADMGMT[t3043965840]: SFP: Started thread for finge
rprinting
Mon Jul 13 10:55:41 2009 THREADMGMT[t3035573136]: SIH: Idle host scan thread st
arting [p8631]
Mon Jul 13 10:55:41 2009 THREADMGMT[t3035573136]: SIH: Started thread for idle
hosts detection
Mon Jul 13 10:55:41 2009 THREADMGMT[t3027180432]: DNSAR(1): Address resolution
thread running
Mon Jul 13 10:55:41 2009 THREADMGMT[t3027180432]: DNSAR(1): Started thread for
DNS address resolution
Mon Jul 13 10:55:41 2009 THREADMGMT[t3018787728]: DNSAR(2): Address resolution
thread running
Mon Jul 13 10:55:41 2009 THREADMGMT[t3018787728]: DNSAR(2): Started thread for
DNS address resolution
Mon Jul 13 10:55:41 2009 THREADMGMT[t3010395024]: DNSAR(3): Address resolution
thread running
Mon Jul 13 10:55:41 2009 THREADMGMT[t3010395024]: DNSAR(3): Started thread for
DNS address resolution
Mon Jul 13 10:55:41 2009 Calling plugin start functions (if any)
Mon Jul 13 10:55:41 2009 SSL is present but https is disabled: use -W for enabling it
Mon Jul 13 10:55:41 2009 INITWEB: Initializing web server

ntop startup – waiting for user response!

Please enter the password for the admin user:
Please enter the password again:
Mon Jul 13 10:55:54 2009 Admin user password has been set
Mon Jul 13 10:55:54 2009 INITWEB: Initializing TCP/IP socket connections for we
b server
Mon Jul 13 10:55:54 2009 INITWEB: Initialized socket, port 3000, address (any)
Mon Jul 13 10:55:54 2009 INITWEB: Waiting for HTTP connections on port 3000
Mon Jul 13 10:55:54 2009 INITWEB: Starting web server
Mon Jul 13 10:55:54 2009 THREADMGMT[t3002002320]: WEB: Server connection thread
starting [p8631]
Mon Jul 13 10:55:54 2009 Note: SIGPIPE handler set (ignore)
Mon Jul 13 10:55:54 2009 THREADMGMT[t3002002320]: WEB: Server connection thread
running [p8631]
Mon Jul 13 10:55:54 2009 WEB: ntop’s web server is now processing requests
Mon Jul 13 10:55:54 2009 THREADMGMT[t3002002320]: INITWEB: Started thread for w
eb server
Mon Jul 13 10:55:54 2009 Listening on [eth0]
Mon Jul 13 10:55:54 2009 Loading Plugins
Mon Jul 13 10:55:54 2009 Searching for plugins in /usr/lib/ntop/plugins
Mon Jul 13 10:55:54 2009 RRD: Welcome to Round-Robin Databases. (C) 2002-07 by
Luca Deri.
Mon Jul 13 10:55:54 2009 PDA: Welcome to PDA. (C) 2001-2005 by L.Deri and W.Bro
ck
Mon Jul 13 10:55:54 2009 Remote: Welcome to Remote. (C) 2006-07 by L.Deri
Mon Jul 13 10:55:54 2009 NETFLOW: Welcome to NetFlow.(C) 2002-07 by Luca Deri
Mon Jul 13 10:55:54 2009 SFLOW: Welcome to sFlow.(C) 2002-04 by Luca Deri
Mon Jul 13 10:55:54 2009 ICMP: Welcome to ICMP Watch. (C) 1999-2005 by Luca Der
i
Mon Jul 13 10:55:54 2009 LASTSEEN: Welcome to Host Last Seen. (C) 1999 by Andre
a Marangoni
Mon Jul 13 10:55:54 2009 Calling plugin start functions (if any)
Mon Jul 13 10:55:54 2009 RRD: Welcome to the RRD plugin
Mon Jul 13 10:55:55 2009 RRD: Mask for new directories is 0700
Mon Jul 13 10:55:55 2009 RRD: Mask for new files is 0066
Mon Jul 13 10:55:55 2009 RRD_DEBUG: Parameters:
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpInterval 300 seconds
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpShortInterval 10 seconds
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpHours 72 hours by 300 seconds
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpDays 90 days by hour
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpMonths 36 months by day
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpDomains no
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpFlows no
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpHosts no
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpInterfaces yes
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpASs yes
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpMatrix no
Mon Jul 13 10:55:55 2009 RRD_DEBUG: dumpDetail high
Mon Jul 13 10:55:55 2009 RRD_DEBUG: hostsFilter
Mon Jul 13 10:55:55 2009 RRD_DEBUG: rrdPath /var/lib/ntop/rrd
Mon Jul 13 10:55:55 2009 RRD_DEBUG: umask 0066
Mon Jul 13 10:55:55 2009 RRD_DEBUG: DirPerms 0700
Mon Jul 13 10:55:55 2009 THREADMGMT[t2993609616]: RRD: Data collection thread s tarting [p8631]
Mon Jul 13 10:55:55 2009 THREADMGMT: RRD: Started thread (t2993609616) for data collection
Mon Jul 13 10:55:55 2009 INIT: Created pid file (/var/run/ntop.pid)
Mon Jul 13 10:55:55 2009 THREADMGMT[t3071887040]: ntop RUNSTATE: INITNONROOT(3)
Mon Jul 13 10:55:55 2009 Now running as requested user ‘nobody’ (65534:65534)
Mon Jul 13 10:55:55 2009 Note: Reporting device initally set to 0 [eth0] (merge d)
Mon Jul 13 10:55:55 2009 THREADMGMT[t3035573136]: SIH: Idle host scan thread ru nning [p8631]
Mon Jul 13 10:55:55 2009 THREADMGMT[t3043965840]: SFP: Fingerprint scan thread running [p8631]
Mon Jul 13 10:55:55 2009 THREADMGMT[t3071887040]: ntop RUNSTATE: RUN(4)
Mon Jul 13 10:55:55 2009 THREADMGMT[t2985216912]: NPS(eth0): pcapDispatch threa d starting [p8631]
Mon Jul 13 10:55:55 2009 THREADMGMT[t2985216912]: NPS(eth0): pcapDispatch threa d running [p8631]
Mon Jul 13 10:55:55 2009 THREADMGMT[t2985216912]: NPS(1): Started thread for ne twork packet sniffing [eth0]
Mon Jul 13 10:56:05 2009 **ERROR** RRD: Disabled – unable to create base direct ory (err 13, /var/lib/ntop/rrd)


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: