Using ElasticSearch to Store and Correlate Ntopng Alarms
With the introduction of ntopng endpoints and recipients, it is now possible to handle alerts in a flexible fashion by means of recipients. ntopng embeds a SQLite database for turn-key alert storage...
A Step-by-Step Guide on How to Write a ntopng Plugin from Scratch
In ntopng you can write plugins to extend it with custom features. This short tutorial explains how to do that step by step. Here we guide you through the creation of a plugin for generating alerts...
Released nDPI 3.4: detection speed, statistical analysis, fuzzing, cybersecurity
This is to announce the release of nDPI 3.4 that is a major step ahead with respect to 3.2: Detection speed has been greatly optimised. Many new functions for statistical protocol analysis have been...
Introducing PF_RING 7.8: ZC support for new Intel adapters and much more
This is to announce a new PF_RING major release 7.8. The main changes in this release include: The new ice ZC driver supporting E800 Series 100 Gigabit Intel adapters. Hardware timestamp support for...
Introducing n2disk 3.6: full L7 support, fast flow export, replay rate control
This is to announce a new n2disk release 3.6. This release adds full support for indexing and retrieving traffic based on the Layer-7 application protocol. This can now be enabled even when flow export...
Introducing nProbe Cento 1.12: Combining Visibility and Cybersecurity at 100...
This is to announce the release of cento 1.12, which is a maintenance release for ntop’s 100 Gbit probe. In this version we have integrated support of the latest nDPI features to combine processing...
Security-Centric Traffic Analysis
Days ago we gave a short talk about cybersecurity at an Italian meetup. These are the presentation slides (English) where you can read more about the steps we have taken to make our tools more...
Introducing nProbe 9.2: Collection Pass-Through and Reforge, OpenWRT support,...
This is to announce the release of nProbe 9.2. The main new features of this release are focused on flow collection speed and flexibility in particular for modern JSON-based flow consumers. This is to...
Say Hello to ntopng 4.2: Flexible Alerting, Major Speedup, Scada, Cybersecurity
We are pleased to introduce ntopng 4.2 that introduces several new features and breakthroughs while consolidating the changes introduced with 4.0. The main goals of this release include: Enhance and...
Howto Write a Telegram Alert Endpoint for ntopng
Telegram is a popular messaging application that many people use daily to do instant messaging and receive notifications. As of ntopng 4.2, it is now possible to deliver alerts to external entities...
You’re Invited to the ntop MiniConference 2020: November 24th, December 3rd...
This year due to the pandemic, we had to cancel our scheduled community event. Considering that we have introduced many new features in our tools, we would like to invite you to an online...
Using ntop tools on VyOS
VyOS is a popular open-source router and firewall platform based on Linux, and some of our users asked us to support it natively. This post explains how to achieve that in a few simple steps....
Embedding ntop: Nokia Beacon and Ubiquiti UniFi Dream Machine
The latest generation of network devices is pretty powerful and open. This means that such devices ship with a Linux-based distribution such as OpenWRT or UniFi OS. In these devices it is possible to...
Using ntopng as network sensor for SecurityOnion (and integrated with Suricata)
SecurityOnion (SO) is a popular Linux distribution for threat hunting and security. It includes ElasticSearch as a backend for storing alerts as well as a Kibana-based web interface. SO includes out of the...
Dec 3rd, ntop miniconf 2020 part II: ntopng
This is a reminder for the second part of our mini-conference 2020 scheduled for this Thursday, December 3rd 4 PM CET/10 AM EST. This time we’ll focus on the latest ntopng 4.2 features. We have the...
Exploiting Arista MetaWatch with n2disk and ntopng: HighRes Timestamping and...
Precise packet timestamping is a key feature for network traffic analysis and troubleshooting. Traditionally many people use FPGA-based NICs with precise timestamping (e.g. Napatech, Silicom) even...
Dec 10th, ntop miniconf 2020 part III: nProbe and n2disk (on embedded systems)
This is a reminder for the third and last part of our mini-conference 2020 scheduled for this Thursday, December 10th 4 PM CET/10 AM EST. This time we’ll focus on the latest nProbe and n2disk features...
Efficiently Detecting and Blocking SunBurst Malware
Earlier this month a new, highly evasive malware named SunBurst was disclosed. Some countermeasures were disclosed immediately, and in particular some Snort/Suricata rules have been...
A Step-By-Step Guide for Protecting Your Network with nScrub
Distributed Denial of Service (DDoS) attacks represent a family of cyber-attacks that are more and more common nowadays. They aim to make the service unavailable by overwhelming the victim with high...
ntopng, InfluxDB and Grafana: A Step-By-Step Guide to Create Dashboards
Creating Grafana dashboards out of ntopng data basically boils down to: configuring ntopng to export timeseries data to InfluxDB; configuring the Grafana InfluxDB datasource to extract timeseries data...