See you at Fosdem 2020
FOSDEM is the leading open source conference in Europe and it will take place this week-end in Brussels, Belgium. As we have developed open source software since 20 years, we believe we have right to...
View ArticleClik here to view.
Towards ntopng v4: New User Interface Featuring Dark Theme
This February we’ll introduce ntopng v4 and we’re starting to write some blog posts to preview the new features. Let’s start with the user interface. Since v1 the UI has always been the same. People...
View ArticleClik here to view.
Effective TLS Fingerprinting Beyond JA3
JA3 is a popular method to fingerprint TLS connections used by many monitoring tools and IDSs. JA3 focuses on encryption options specified during TLS connection setup to fingerprint the encryption...
View ArticleClik here to view.
Call for Talks for NtopConf ’20
This year the annual ntop conference will take place in Milano, Italy on June 9-10, at Università Bocconi, one of the most prestigious university in Italy. As usual the first day will be used to train...
View ArticleTowards Traffic Behaviour Analysis: Introducing nDPI 3.2
This is to announce the new stable release of nDPI 3.2. The main trend of nDPI is to move from “simple” application protocol detection towards behavioral traffic interpretation. This has been...
View ArticleIntroducing PF_RING 7.6: Flow Processing Made Easy with PF_RING FT
This is to announce a new PF_RING major release 7.6. Besides bug fixes and drivers updates to improve compatibility with latest kernels (including those shipped with Debian 10 and CentOS 8) this...
View ArticleClik here to view.
How We Managed to Turn ntopng Into a Cybersecurity Tool
Last year you have read how we have integrated Suricata support into ntopng. While an IDS is a good source of data, it is just a sensor, how has no knowledge of the big network picture including the...
View ArticleClik here to view.
Securing Flow Collection Using Data Encryption
NetFlow/IPFIX specifications have not considered privacy and confidentiality important. Exported flows are sent over unencrypted channels that prevent them to be exchanged on public networks unless...
View ArticleClik here to view.
Introducing nProbe 9.0: Traffic Behaviour Analysis and High Speed Flow...
This is to introduce nProbe 9.0 stable release whose the two main features are traffic behaviour analysis and high speed flow collection. Traffic Behaviour Analysis When in 2002 nProbe development...
View ArticleIntroducing nScrub 1.4 with IPv6 Support
This is to introduce the new nScrub 1.4 stable. Besides a few bug fixes (mainly to the API) this release introduces many improvements, including: Full IPv6 support both in routing and bridge mode....
View ArticleIntroducing n2n 2.6 with AES Encryption
This is to introduce you the latest n2n 2.6 stable release. This is mostly a maintenance release to address the issues of 2.4 that has been the first release since a long time of silence. The main...
View ArticleClik here to view.
Say Hello To ntopng 4.0: Cybersecurity, Scripting… and a New User Interface
After over one year of work, we’re proud to announce you that ntopng 4.0 is finally out. In this time we have redesigned ntopng for speed and openness, by breaking apart the existing monolithic C++...
View ArticleYou’re invited to the ntop Virtual Meetup: April 2nd
This is to invite you to join or webinar about ntopng v4. We want to introduce you to the new application features, and assist you with first time installation. This will also be the right time to meet...
View ArticleExtending ntopng by Means of Plugins: A Step-by-Step Tutorial
ntopng v4 has introduced the concept of plugins that are short scripts written in Lua. They allow people to code ntopng extensions for triggering alerts when specific conditions are met, or extend the...
View ArticleClik here to view.
Introducing ntopng for MacOS. Finally.
For a long time out MacOS users asked a native ntopng package. Even though we use MacOS and Linux to develop our tools, we didn’t consider important to revamp the MacOS installer (ntopng 1.x has a...
View ArticleClik here to view.
Active Monitoring in ntopng 4.0: ICMP, ICMPv6, HTTP and HTTPS pings with RTT
The latest stable ntopng 4.0 features a Round Trip Time (RTT) monitor which is capable of pinging hosts on a minute-by-minute basis to check: IP reachability with ICMP and ICMPv6 pings Web servers...
View ArticleClik here to view.
ntopng 4.0: A Refreshed Look with Dark Themes!
The latest ntopng 4.0 has a renewed look. The main changes we have introduced are: An always-on-top status bar. Key information on the health and status of the network is essential for the analyst and...
View ArticleClik here to view.
Implementing Network Visibility in Covid-19 Days
Ongoing health emergency demands business to enable employee work from home: call it smart working or (better) remote working. This process puts pressure on the company Internet connection as many (if...
View ArticleClik here to view.
How Active Monitoring Works in ntopng
In v4 we have introduced active monitoring in ntopng and since then we are improving in the 4.1.x development versions. In order to enable it you have to selectd the “System” interface from the top...
View ArticleClik here to view.
Trickbot Malware Analysis Using nDPI and ntopng
Trickbot is a malware distributed via malspam, spam emails containing links for downloading malicious files that infect computers. A pcap file of a trickbot infection named...
View Article