|FIGURE 1: Nfsight encapsulates attack against SSH servers
sudo apt-get install rrdtool mrtg librrds-perl librrdp-perl librrd-dev nfdump libmailtools-perl php5 bison flex librrds-perl libpcap-dev libdbi-perl picviz fprobe
You’ll be asked two question during this stage of the install. The fprobe install will ask which interface to capture from; typically the default is eth0. For Collector address, respond with localhost:9001. You can opt for a different port but we’ll use 9001 later when configuring the listening component of Nfsen. During the mrtg install, when prompted to answer “Make /etc/mrtg.cfg owned by and readable only by root?" answer Yes.
|FIGURE 2: Nfsen beginning to render data
|FIGURE 3: Configure nfsen.conf for Nfsight
|FIGURE 4: Nfsight’s Top 20
|FIGURE 5: Nfsight Activity Overview