Channel: ntop
Browsing all 544 articles


Combining traffic recording with visibility at 100 Gbps

A few months ago, with ntopng 3.8, we introduced support for continuous traffic recording, which allows you to drill down into historical data from the timeseries level to raw packets. This is useful when...


Packets vs eBPF/System Events: Positioning nProbe vs nProbe Agent

nProbe (and ntopng) is a traditional packet-based application, whose lifecycle is: capture a packet and dissect/decode it; update the representation in memory of the network traffic (e.g. the flow table)...


Merging Infrastructure and Traffic Monitoring: Integrating ntopng with Icinga

Icinga2 is an open source monitoring system which checks the availability of hosts and services, notifies users of outages and generates performance data for reporting. Thanks to its scalability and...


Using RFC8520 (MUD) to Enforce Hosts Traffic Policies in ntopng

RFC8520 (Manufacturer Usage Description) specifies the intended network behaviour of a network device from the manufacturer's standpoint. Being defined in JSON format by the device...


How Encryption Changed Network Traffic (Monitoring). Finally.

For years traffic monitoring tools assumed traffic was in clear text. This is because, when the Internet was created, all the main protocols such as DNS, HTTP, SMTP, Telnet, POP were in clear. With this...



Introducing nDPI v3: Encrypted/Malware Traffic Analysis with Ease

Those who thought that DPI died with the advent of traffic encryption should play with nDPI v3 that we’re introducing today. As already discussed, the pervasive use of encrypted traffic requires a new...


nProbe Cento 1.10 is Out

After the nDPI v3 release, today we have rolled out an incremental update of nProbe Cento. In addition to fixing a few issues, we introduce in Cento some of the fingerprints implemented by nDPI so that we...


Do You Know What Hackers Hide in SSL/TLS?

ntop believes that the future of traffic monitoring and network security will depend on the ability to inspect the behaviour of encrypted communications. It is fortunate that Sam Bocetta, a...


Finding a Needle in a Haystack (was Traffic Disaggregation with Sub...

Network traffic moving across a link often contains various types of traffic. For example, in large companies it can include a mix of traffic coming from: employees network, core company servers, guests...



New Directions in Network Traffic Security: Homework for 2020

Summary: With today’s traffic, most network IDSs (NIDS) have severe limitations in terms of visibility and ability to be easily circumvented by malware (for instance running a known service on a...


ntopng & Suricata: Unifying Visibility with Security

This week we have presented at Suricon 2019 our work about unifying ntopng with Suricata. In short: Suricata is a great tool for analysing individual flows, but: it lacks a GUI; it is blind to security...


Packet-less traffic analysis using Wireshark and libebpfflow

If you wonder how you can use Wireshark with containers, you now have a solution. This week we have presented at Sharkfest EU 2019 how we have integrated libebpfflow, our home-grown eBPF-based library...


Spotting Plaintext Information in Network Protocols

In short: encryption does not always mean that all the information exchanged is really encrypted. Another myth is that many people believe that the equation “encryption = security” holds. Unfortunately...


Exploring Physical Network Topologies Using ntopng

ntop tools are known for monitoring network traffic. However this traffic has to flow on physical networks and thus it is important to understand the physical network layout. LLDP (Link Layer Discovery...


How to use nDPI from CLI to analyse network traffic

Most people use nDPI indirectly, as it is part of ntopng and many other tools not developed by ntop. However not many people know that nDPI can also be used from the command line to analyse network...


Rethinking Network Flow Visualisation

Traffic monitoring applications often aggregate traffic into flows, which in essence is a way to divide traffic according to a 5-tuple key (Protocol, IP/port source/destination). Flows are then aggregated...


Introducing Automatic Package Update in ntopng

One of the most useful features in applications is the ability to: update the application with a click, with no need to move to the terminal console; instruct the system to update the...



Introducing n2disk 3.4: 100 Gbit Traffic Dump to Disk

This is to announce a new n2disk release 3.4. In addition to major performance optimisations with FPGA-based NICs, this release adds new interesting features including the ability to filter traffic...


Important Geolocation Changes in ntop Products

ntop products have been using geolocation databases provided by MaxMind for a long time, to augment network IP addresses with geographical coordinates (cities, countries) and information on the...


Encrypted Traffic Analysis: A Primer

Monitoring encrypted traffic is a must for providing visibility in modern traffic. Due to this we’ve put a lot of energy in extending nDPI so that it could be useful in this context. DPI (deep packet...
