path: root/network/ntop/README.SLACKWARE
Diffstat (limited to 'network/ntop/README.SLACKWARE')
-rw-r--r-- network/ntop/README.SLACKWARE 82
1 files changed, 15 insertions, 67 deletions
diff --git a/network/ntop/README.SLACKWARE b/network/ntop/README.SLACKWARE
index 0186ed3daa..fc5a973188 100644
--- a/network/ntop/README.SLACKWARE
+++ b/network/ntop/README.SLACKWARE
@@ -22,58 +22,10 @@ If you want to use a different user and/or group under which to run
ntop, you can pass alternate values to the NTOPUSER and NTOPGROUP variables
when running the build script.
-1) Download extra databases
----------------------------
-
-After building & installing the ntop package, you might want to
-follow these extra steps:
-
-1.1) GeoIP tables
-
-To identify the location of the external hosts your netwerk connects
-to, ntop uses GeoIP. You will need to download the latest tables to
-your ntop server and store them in /etc/ntop:
-
- # cd /etc/ntop
- # wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
- # gunzip -c GeoLiteCity.dat.gz > GeoLiteCity.dat
- # wget http://geolite.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz
- # gunzip -c GeoIPASNum.dat.gz > GeoIPASNum.dat
-
-Both files are updated regularly (about once a month). There are some
-suggestions below on how to keep your ntop server up-to-date.
-
-1.2) OS fingerprint database
-
-ntop tries to identify the Operating System from the captures packages by
-searching for a "fingerprint". It uses a table that needs to be downloaded
-from the ettercap project on SourceForge:
-
- # cd /etc/ntop
- # wget -O etter.finger.os http://ettercap.cvs.sourceforge.net/ettercap/ettercap_ng/share/etter.finger.os?rev=HEAD
-
-This file hasn't been updated since 2005, so it doesn't identify the more
-modern OSs (Slackware 13.0 is identified as "Debian Linux" :-/ ) but it still
-might be helpful.
-
-1.3) OUI database
-
-All MAC addresses contain a "Organizationally Unique Identifier" (OUI) to
-identify the manufacturer. These OUIs are assigned by the IEEE Standards
-Association. A table is included with ntop, but new OUIs are assigned almost
-every day, so you might want to update the file now, before starting ntop:
-
- # cd /etc/ntop
- # wget http://standards.ieee.org/regauth/oui/oui.txt
- # gzip -c oui.txt > oui.txt.gz
-
-Since this file changes frequently, check the suggestions later in this file
-on how to keep your ntop server up-to-date.
-
-2) Start & Stop scripts for ntop
+1) Start & Stop scripts for ntop
--------------------------------
-2.1) Automatic startup and shutdown
+1.1) Automatic startup and shutdown
If you want to start ntop on system bootup, include these lines in your
/etc/rc.d/rc.local:
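Review bot: deleting all of section 1 removes the only text here that explains what the GeoIP, OS fingerprint and OUI tables are and that they live in /etc/ntop, while the last section of the README still refers to them by name. Suggest keeping a short paragraph that lists the three tables and their location, or stating that the package now installs them. Separately, the removed commands fetched data as root over plain http with no integrity check; if the update scripts kept in the last section still use the same URLs, switch them to https where the host offers it and download to a temporary file that is checked before it replaces the one in /etc/ntop.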
@@ -93,14 +45,14 @@ To guarantee a clean shutdown of ntop, include this in
/etc/rc.d/rc.ntop stop
fi
-2.2) Make /etc/rc.d/rc.ntop executable
+1.2) Make /etc/rc.d/rc.ntop executable
Additionally, you'll have to set the rc script to be executable just like
any other Slackware rc script:
# chmod +x /etc/rc.d/rc.ntop
-3) Set the administrator password
+2) Set the administrator password
---------------------------------
When ntop is installed at the first time, you MUST set the administration
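Review bot: the context line under the renumbered "2) Set the administrator password" header still reads "installed at the first time"; since this hunk already touches that header, fix it to "installed for the first time" in the same change.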
@@ -113,7 +65,7 @@ For example:
It will prompt you for the password and then exit.
-4) Starting ntop
+3) Starting ntop
----------------
Now you are ready to start ntop by calling the startup script:
@@ -135,21 +87,11 @@ Fore more documentation on ntop, check:
There are also some mailing lists you can subscribe to, that can be found on
the pages mentioned above.
-*** NOTE ***
-* There have been some reports about ntop crashing (segfault) after any
-* period between a couple of minutes to several hours.
-* If this happens on your system, try disabling DNS resolution either from
-* the menu (admin/configure/startup options/IP Prefs) or changing the rc.ntop
-* file, adding the "-n" option to the line that starts ntop:
-* /usr/bin/ntop --w3c -u $NTOPUID -n -d >> $NTOPLOG 2>&1
-* ^^
-*** end ***
-
-5) Keeping your ntop tables up-to-date
+4) Keeping your ntop tables up-to-date
--------------------------------------
-Now that your ntop server is running, you might want to keep the tables we
-installed earlier updated automatically.
+Now that your ntop server is running, you might want to keep some of the
+tables that are installed updated automatically.
I do this with a few simple shell scripts I copy to the /etc/cron.xxxx/
directories, where xxxx stands for:
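Review bot: the segfault NOTE and its "-n" workaround are deleted with no replacement text, and nothing in this hunk says the crash no longer occurs. If the packaged version fixes it, say so in the commit message; otherwise keep the note, since disabling DNS resolution is the only mitigation the README documents. In the added lines, "some of the tables that are installed" is vague; name them (GeoIP and OUI) as the following hunk does.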
@@ -168,7 +110,13 @@ My suggestions are:
Don't forget to make the script executable.
-The following scripts are examples, feel free to adapt them to your reality:
+The following scripts are examples for the GeoIP and OUI tables, feel free
+to adapt them to your reality.
+
+The "OS Fingerprint" table has not changed for over five years, so I did not
+create a script for it.
+It you want, you can check for updates at:
+http://ettercap.cvs.sourceforge.net/ettercap/ettercap_ng/share/etter.finger.os?rev=HEAD
=============================================================================
*********************
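Review bot: typo in the added line "It you want, you can check for updates at:"; it should read "If you want". The added URL is plain http and points at rev=HEAD of a CVS view, so a reader who fetches it gets whatever the server returns at that moment with no integrity check; suggest adding a sentence that the file should be reviewed before it is copied over etter.finger.os in /etc/ntop. Also, "examples for the GeoIP and OUI tables, feel free" is a comma splice; split it into two sentences.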