Hi there, I got (and paid for) the Windows version of ntop. After a first watch and a quick analysis of my Internet traffic I've seen that most of the traffic fall under the "other tcp/udp" category. After reading the user's guides / faq, and after some searches on google I found the way to customize my services file (not the one under windows folder but the one on ntop "root" folder) and I've modified the startup "-p" parameter to tell ntop to use a custom file containing the protocols categories I'd like to classify. Ntop's behabiour is still the same. Still 85% of other traffic. Just to make a test I've added RDP (tcp 3389) on the services file and added a reference to my protocol.list file. Obviously I've restarted the service but rdp traffic do not appear on IP stats (and nowhere else). Any help would be very appreciated. Thanks in advace Carlo
Here is my protocols.list file: ---------------------------------------------- FTP=ftp|ftp-data,HTTP=http|www|https|3128,DNS=name|domain,Telnet=telnet|login,NBios-IP=netbios-ns|netbios-dgm|netbios-ssn,Mail=pop-2|pop-3|pop3|kpop|smtp|imap|imap2,DHCP-BOOTP=67-68,SNMP=snmp|snmp-trap,NNTP=nntp,NFS=mount|pcnfs|bwnfs|nfsd|nfsd-status,RDP=rdp,SIP=sip ---------------------------------------------- And this is the portion of the services file where I've added rdp (and sip) ---------------------------------------------- # # CDB - 09.06.2007 # rdp 3389/tcp # Microsoft Terminal Services sip 5060/udp # SIP ----------------------------------------------
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
