Clik here to view.
How to export BGP routing information (AS Path) in network flows
Tools like traceroute have been used for a long time to track the forward path of packets, i.e. the journey of our packets to a remote destination. Unfortunately with traceroute nothing can be said...
View ArticlenDPI 2.6-stable is Out
This new release brings several fixes that make nDPI more stable. Such fixes involve especially DNS and HTTP traffic dissection. Here is the full list of changes: New Supported Protocols and Services...
View ArticleCento 1.6 Stable Just Released
After more than one year since the latest stable release, we are glad to announce cento 1.6-stable. This new release brings stability, fixes and several new features. Among the new features, it is...
View ArticleClik here to view.
ntopng Multilanguage Support: EN, IT, DE and JP
We are happy to announce that ntopng has gone fully international! The following languages are now officially supported: English Italian Japanese German Language files are completely opensource,...
View ArticleClik here to view.
How enable DPI-based Traffic Management in pfSense using nEdge
We have been receiving several inquiries from pfSense users who would love to complement the classical firewall-style pfSense features with the inline Layer-7-based traffic policing offered by nEdge....
View ArticleClik here to view.
Detecting Hidden Hosts and Networks on your (shared) LAN
In theory on switched networks each portion of a LAN is independent. This means that for instance that network 192.168.1.0/24 and 192.168.2.0/24 are using different switch ports that communicate...
View ArticleMonitoring Containerised Application Environments with eBPF
Earlier this week ntop and InfluxData held a joint webinar about monitoring containerised applications. We have discussed solution for monitoring both legacy (e.g. non-containerised) and containerised...
View ArticleClik here to view.
ntopConf 2019 Retrospective
On May 8-9th we have organised our yearly event, in Padova, Italy. The first day was dedicated to training and the second day to the conference. Overall about 150 people attended the event, and we’re...
View ArticlePackets vs Flows: Which Option is the Best?
One of the most difficult steps on a monitoring deployment scenario is to choose where is the best point where traffic has to be monitored, and what is the best strategy to observe this traffic. The...
View ArticleClik here to view.
Telemetry Data in ntopng: Giving Back to the Community
The latest ntopng 3.9 dev gives you the possibility to choose whether to send telemetry data back to ntop. We collect and analyze telemetry data to diagnose ntopng issues and make sure it’s functioning...
View ArticleClik here to view.
TLS/SSL Analysis: When Encryption and Safety Are Not Alike
Most people think that SSL means safety. While this is not a false statement, you should not take it for granted. In fact while your web browser warns you when a certain encrypted communication has...
View ArticleReleased nProbe Cento 1.8
This is to announce the release of nProbe Cento 1.8 stable release. This is a maintenance release where we have made many reliability fixes and added new options to integrate this tool with the latest...
View ArticleClik here to view.
Talking about Network, Service, and Container Monitoring at InfluxDays
Later this week the ntop team will attend InfluxDays, June 13-14, London, UK. We’ll be talking about traffic monitoring in containerised environments, and give you an outlook of our roadmap. If you...
View ArticleClik here to view.
Introducing nProbe Agent: Packetless, System-Introspected Network Visibility
A few months ago at FOSDEM we introduced the concept of network and container visibility through system introspection and we released an opensource library based on eBPF that can be used for this...
View ArticleClik here to view.
System-Introspected Network and Container Visibility: A Quick Start Guide
Recently, we have introduced the concept of network and container visibility through system introspection and also demonstrated its feasibility with an opensource library libebpfflow. In other words,...
View ArticleIntroducing PF_RING Configuration Wizard
Getting started with PF_RING can be a bit tricky as it requires the creation of a few configuration files in order to setup the service, especially when ZC drivers need to be used. First of all it...
View ArticleBuilding a (Cheap) Continuous Packet Recorder using n2disk and PF_RING [Part 2]
Continuous packet recorders are devices that capture raw traffic to disk, providing a window into network history, that allows you to go back in time when a network event occurs, and analyse traffic up...
View ArticleMeasuring nProbe ElasticSearch Flow Export Performance
nProbe (via its export plugin) supports ElasticSearch flows export. Setting up nProbe for the ElasticSearch export is a breeze, it just boils down to specifying option --elastic. For example, to export...
View ArticleClik here to view.
Containers and Networks Visibility with ntopng and InfluxDB
For a while we have investigated how to combine system and network monitoring in a simple and effective way. In 2014 we have done a few experiments with Sysdig, and recently thanks to eBPF we have...
View ArticleClik here to view.
New Challenges in DPI Protocol Detection
In the early Internet days, each network protocol was designed for a specific purpose: SMTP for sending emails, HTTP for the web and so on. In order to make sure that implementations where compliant...
View Article