Best practices for using Bro IDS with PF_RING ZC. Reliably.
Zero copy technologies such as PF_RING ZC allow applications to read packets in memory without any actor involved, being it the kernel or a memory copy. This is the reason why using ZC you can easily...
View ArticleClik here to view.
Monitoring BitTorrent Traffic with ntopng
ntopng has been designed not just for network administrators, but also for small companies and in particular for families. How often you have seen traffic on your network that you did not expect and...
View ArticleClik here to view.
Exploring Historical Data Using ntopng: Part 2
ntopng is able to deliver monitored traffic flows data to a MySQL server. We have already discussed how to configure ntopng to deliver this data in another blog post. In this article we discuss the new...
View ArticleClik here to view.
How to Build a 100$/€ “Augmented” NetFlow/IPFIX Probe
One of main problems of flow-based devices is their high cost or poor monitoring capabilities (nothing beyond IPv4 packets and bytes). At ntop we believe that network visibility is much more than this,...
View ArticleClik here to view.
Advanced Flow Collection with ntopng and nProbe
In flow-based monitoring there are two main components: the probe (a.k.a. flow exporter) and the flow collector/analyser. Usually NetFlow/sFlow is a push mode paradigm as network devices have almost no...
View ArticleCommoditizing 10/25/40/100 Gbit with PF_RING ZC on Intel FM10K
As you know we’re working at 100 Gbit for a while, not just in terms of network speed, but also in terms of redesigning existing applications for being more efficient and powerful (BTW stay tuned as...
View ArticleClik here to view.
How to Analyse MikroTik Traffic Using ntopng
MikroTik routers are pretty popular in particular in the wireless community and many users of the original ntop are familiar with it. With the advent of ntopng, we have decided to avoid natively...
View ArticleClik here to view.
Learn more about ntopng at RIPE72
This week we will attend the RIPE 72 meeting in Copenhagen, DK. Thanks to Martin Winter (co-founder of NetDEF) we will speak about ntopng at two events on Thursday, May 26th: At 11AM we will...
View ArticleReleased nDPI 1.8
This is to announce the release of nDPI 1.8. In this version we have updated many protocol dissectors, simplified the API as well started to introduce changes that will be further improved in future...
View ArticleHow to Build a 2×10 Gbit Packet Recorder using n2disk and PF_RING (2016 Update)
Earlier in 2014 we advised how to build a continuous packet recorder using n2disk and PF_RING. Since that time computing architectures have progressed, we have added support for new ethernet...
View ArticlePF_RING 6.4 Just Released
This is to announce the release of PF_RING 6.4 that contains various improvements, new network adapters supported in ZC mode (including Intel 100 Gbit), and bug fixes. Developers can access the...
View Articlen2disk 2.6 Just Released
This is to announce the release of n2disk 2.6. In this release we have made many changes to the indexing system adding a new flow-based index that should improve packet retrieval as well pave the way...
View ArticleTweaking MySQL to Improve ntopng Flows Storage Space Usage
This is the first post that tries to give hints on how to tweak MySQL settings to better accomodate flows exported by ntopng. In particular, in this post it is discussed how to improve disk space...
View ArticleIntroducing nProbe 7.4
This to announce the release of nProbe 7.4. We have worked hard in this version to improve it in several way by better integrating it with ntopng, improving network performance metrics computation,...
View ArticleClik here to view.
Introducing nProbe Cento: a 1/10/40/100 Gbit NetFlow/IPFIX Probe, Traffic...
Traditionally ntop has focused on passive traffic analysis. However we have realized that the traffic monitoring world has changed and looking at network flows is no longer enough: People want to...
View ArticleAnnouncing ntopng 2.4: Efficiency is Beauty
At ntop we are on a mission to develop enterprise-grade networking software, mostly open-source, and free of charge for no-profit/research organizations. Since our inception, we have been passionately...
View ArticleBest Practices for Efficiently Running ntopng
The default ntopng configuration, is suitable for most of our users who deploy it on a home network or small enterprise network (typically a /24 network) with link speed <= 100 Mbit. This does NOT...
View Articlentopng 2.6 Roadmap
As we have released 2.4, it is now time to plan for the next release and highlight the list of features we plan to implement so we can start a discussion and get some feedback. The major changes we...
View ArticleFlow-based Monitoring: nProbe Cento vs Standard/Pro
Since the introduction of nProbe Cento, we receive periodically emails of users wondering what are the differences between these two applications. This post is to clarify the differences, and better...
View ArticleYou’re Invited to the ntop Users Meeting and (free) Tutorial
Earlier this year we have held a ntop meetup in USA. Now we want to invite you to attend the ntop users meeting that will take place on October 17th (2 PM-5 PM), during the SharkFest Europe 2016...
View Article