Network Optimization News

How to set up a computer for network monitoring - All for free!

This is not as hard as it looks, once you have done it a time or two you can be up and running in less than
5 minutes, assuming you have high-speed access to the Internet.

Do you have a computer with the following?

  • 2 network cards installed or two on-board LAN ports
  • 1 CDRom drive
  • 256 to 1,024 or more Meg of RAM
  • monitor
  • keyboard
  • mouse (optional -- it is necessary if you boot into the graphics mode, though)

If so, you can be minutes away from having a network monitoring machine up and running that you can insert in your
network and see what is going on. If you follow these instructions it will act as a transparent bridge so no other
machines or routers will know the difference.

The Knoppix CD is a live CD distribution which does not need a floppy or hard drive to run. It is all self contained on
the CD. It uses your RAM as a read/writeable area so you can still install a few programs if need be and edit most of
the configuration files.

You can get the Knoppix iso image from or the English version at http://knopper

The download page for English reading when this article was written is at

Download a CD image of 4.02 or better. A typical file name will be:


The filename ends in -EN and if you speak english then get that one. If you speak German, then get the -DE one.

Now burn that .iso file to a CD using your program of choice (burning the CD image to make a bootable CDRom is
not covered here).

You should insert your machine into the network so it is between the Router and the switch, assuming you want to
monitor traffic going from or to your network and the Internet. You may have to use a crossover cable from one of your
machines LAN ports to the router and a standard network cable from the other LAN port on your machine and the

Internet or Router or ???
| |
| | eth0
_____| |_______________________
|     Monitoring Unit                          |
 eth1  ||
|     Internal Network Switch                |
|| || || || || || || || || || ||
Your internal network users or whatever you want to monitor

Once that is done you can run Knoppix by placing it into your machine and booting up. If you have a limited video card
or an old monitor then you can hit the appropriate key when Knoppix boots up and find the option to boot into text
mode only. You may also want to do this if you have limited RAM.

Once you are booted up and running Knoppix you can do the following:

If you booted to an XWindows look then click on the little computer screen icon next to the house on the bottom tool
bar. If you booted into text mode you do not have to do that.

Now gain root access by typing the following and then Enter:


Now that you are root you can run the following commands to start up your transparent bridge and get traffic flowing
through the machine from one lan port to the other. The IP below was use as an example along with
the default gateway being so change those if your network is on a different IP range. You will want to give
it an IP so that you can get into the machine from another machine on the network. In some cases you might want to
be able to get to it from the Internet so in that case you would have to give it an IP that can be reached from the
Internet and not a 10.x.x.x or 192.168.x.x number.

ifconfig br0 down
brctl delbr br0
ifconfig eth1 down
ifconfig eth0 down
ifconfig eth0 promisc up
ifconfig eth1 promisc up
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig br0 netmask up
route add default gw

It may take a half a minute for traffic to start flowing through the transparent bridge br0.

Once you can do something like:


and it comes back with ping times then you are ready to continue. BTW: hit CTRL C to stop ping.

apt-get update
apt-get install ntop

Say Y or hit enter to install ntop. When it is all done do the following:

mkdir /var/log/ntop/rrd
chmod -R 777 /var/lib/ntop
chmod -R 777 /var/log/ntop

warning: the chmod commands above allow anyone to read/write to those directories that can get to the machine so
keep your machine safe with firewalls or passwords accordingly.

You can now run ntop. You need to run ntop from the console or via SSH first by just running the command:


It will ask you for an admin password and then again to,verify it. This is for the admin interface in ntop.

Once ntop is up and running in  a window you can leave that up and just go to your web browser and put in the URL of:

The :3000 is the special port that the ntop web server runs on.

If you choose the menu item Summary and then Network Load you should see a graph of your traffic. Not all ntop
menu items are used on every system. Most of the time you will only be using the items under Summary or All

You now have a running bandwidth monitoring system. ntop is the only application mentioned here but there are
others installed on the default Knoppix CD already too.

The systems I have installed this routine on vary from a system with a Celeron to one with a P4 CPU Running on
10/100 Realtek chipsets to 10/100/1000 Intel chipsets. From 256 Meg of RAM to 2 GIG. Knoppix runs very well on a
variety of hardware but your mileage may differ.

For more news, click here for the archives.
Sponsored Links

NetEqualizer Bandwidth Control
Simple to use with the
features you need.

Bandwidth Management
Network Bandwidth Prioritization
Take Control Of Your Network!

Bandwidth Control Switch
24 X 10/100 Rate Controlled Ports &
2 X Gig Uplinks For Under $400!

Buy Packeteer Today
Education discounts, Internet
pricing, Rentals, SW Contracts

Bandwidth Control
Web filtering appliance for your
business. WP, Demo, Eval Unit

Bandwidth Control
Software for controlling bandwidth
based on Time, User, IP & Network

Bandwidth Management
High-end Appliances and Software
solutions at affordable prices.

Bandwidth Management
Bandwidth management solutions
for enterprises & service providers

Free Bandwidth Tester
Free bandwidth analysis and reports
using NetFlow. Live Demo online.