• ntopng High-speed web-based traffic analysis.

  • nDPI Identify hundreds of L7 protocols.

  • Get Started! Go to the download page

Packet Capture

Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.

Traffic Recording

10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.

Network Probe

nProbe: NetFlow v5/v9/IPFIX probe for analysing Gbit networks at full speed. Distribute network probes on the network, sending traffic information towards a central traffic analysis console such as ntopng.

Traffic Analysis

High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
  • Released nDPI 1.7

    This is to announce the release of nDPI 1.7. In addition to many new/updated dissectors, the main change of this release is the ability to identify subprotocols. For instance a DNS request Facebook is not identified as DNS.Facebook (previously only … Continue reading

  • Using ntopng to Implement a WiFi Access Point with Layer 7 Traffic Enforcement

      This post will teach you how to create a cheap WiFi access point able to enforce layer-7 application protocols. In order to do this you can use a cheap RaspberryPi or BeagleBoard with a USB WiFi stick, or use … Continue reading

  • Lessons learnt at #SharkFest15

    Last week we have made a couple of presentations at SharkFest 2015, introducing to the Wireshark community what ntopng is about. The most interesting part has been the feedback of those who attended the talks who commented on “how to integrate … Continue reading

  • Exploring your traffic using ntopng with ElasticSearch+Kibana

    ntopng allows you to export monitoring data do external sources. For low-traffic sites, SQLite and the ntopng historical interface can be a good option. As your traffic increases you are forced to put your data on a database if you … Continue reading

  • Say hello to ntopng 2.0

    After 9 months of development, we are pleased to announce the release of ntopng 2.0. This is a major release as we have reworked many application components and made the application robust and usable by mid/large companies and ISPs. We … Continue reading

  • Introducing nDPI 1.6

    This is to announce the availability of nDPI 1.6, a maintenance release that consolidates this open source deep packet inspection library. This is going to be the last version of the 1.x branch, as we plan (see the enhancements we … Continue reading

  • News @ ntop: Github, Mobile-Aware web site, IPv6, Travis

    Even though these might look like cosmetic changes, we are committed to create better software to serve our community. In the past couple of weeks: We have migrated the server to a new site that is now IPv4 and IPv6. You … Continue reading

  • Do you want to work for ntop?

    As ntop software is increasing in popularity, we need help for supporting our users and working at new developments. Therefore we are looking for someone to join our development time, help us, and assist the user community.   Job Description … Continue reading

  • PF_RING Deep Dive: Interview with Ivan Pepelnjak

    In late March, Ivan Pepelnjak interviewed me on Software Gone Wild about ntop and ntopng, and in a second interview about PF_RING. The main topic of the second interview have been: What is the difference between PF_RING and the Linux built-in packet capturing … Continue reading

  • PF_RING 6.0.3 Just Released

    Today we have released PF_RING 6.0.3,  a maintenance release that includes many fixes and small changes. The release changelog is listed below. PF_RING Library New pfring_open() flag PF_RING_USERSPACE_BPF to force userspace BPF instead of in-kernel BPF with standard drivers New … Continue reading