Author: admin

ntopng

How to use ntopng in compliance with GDPR

Today the General Data Protection Regulation (GDPR) (EU) 2016/679 is effective in the European Union. GDPR is designed to protect personal data and thus preserve privacy, in particular as specified in articles 13 to 22, and 34. As we manufacture tools for traffic monitoring, we have to make sure that our tools can be used in compliance with GDPR. In particular we have implemented a couple of features that can be useful: If you select “Preferences” from the ntopng menu, and click on the “Misc” pane you can access the preference for …
ntop

Webinar Invitation: ntop traffic analysis and flow collection with InfluxDB

Hi all, this is to invite all of you to the webinar “How ntop built their high-speed Web-based traffic analysis and flow collection with the use of InfluxDB”, organised by our friends at InfluxData. The event will take place May 29th at 8AM PST (5PM CET). I will be talking about traffic monitoring and timeseries, why we used RRD, and how we have integrated InfluxDB (including ongoing developments). …
ntopng

ntopng goes Elastic: Introducing ElasticSearch 6 Support

As you ntopng users know, out of the Elastic toolset ntopng supports both ElasticSearch and LogStash. You can use them using the -F flag:

    [--dump-flows|-F] <mode>  | Dump expired flows. Mode:
                              | es            Dump in ElasticSearch database
                              |   Format:
                              |   es;<mapping type>;<idx name>;<es URL>;<http auth>
                              |   Example:
                              |   es;ntopng;ntopng-%Y.%m.%d;http://localhost:9200/_bulk;
                              |   Notes:
                              |   The <idx name> accepts the strftime() format.
                              |   <mapping type>s have been removed starting at
                              |   ElasticSearch version 6. <mapping type>
                              |   values whill therefore be ignored when using
                              |   versions greater than or equal to 6.
                              | …
nProbe

Using nProbe for Collecting Palo Alto Flows

NOTE: This article is outdated. Please see “Collecting Proprietary Flows with nProbe” to learn how to collect proprietary Palo Alto flows. nProbe is both a probe and a NetFlow/sFlow collector. As you all know, we have recently added the ability to collect flows with proprietary information elements. However, nProbe natively supports popular flow exporter devices such as Cisco NBAR and Palo Alto security devices. In this article we show you how to collect the latter flows in nProbe. A typical Palo Alto flow is depicted below. As explained …
ntopng

Welcome to ntopng 3.4: Improved Alerts/SNMP/Asset Discovery, InfluxDB/Prometheus Support

We’re happy to announce the release of ntopng 3.4 that introduces several enhancements and new features, some of which will be finalised in 3.6 due later this year. This version consolidates several months of work and paves the way to more radical changes planned for the next release. In particular beta features present in this version include support for InfluxDB and Prometheus so that you can use ntopng for exporting traffic data towards time-series databases (you can read about influx and prometheus). We have also revamped the alert implementation and introduced initial …
Announce

Introducing nProbe 8.4: New Metrics and Extensions, Improved Kafka Support

This is to announce the release of nProbe 8.4 that introduces enhanced Kafka support and adds various extensions and stability fixes. We encourage all our users to move to this version. Below you can find the complete application changelog. Enjoy!

Main New Features
  Implements Kafka batching, options parsing, and variable number of producers
  Adds Kafka messages transmission statistics

New Options
  --plugin-dir to load plugins from the specified directory
  --adj-from-as-path to get previous/next adjacent ASNs from BGP AS-path
  --disable-sflow-upscale to disable sFlow upscaling

Extensions
  Implemented ICMP network latency
  Added ICMP …
Announce

Released nDPI 2.2.2: 7 New Protocols, Many Improvements

This is to announce a minor nDPI release update that adds a few fixes and introduces support for popular cloud protocols such as Google and Apple push service. Below you can find the complete changelog. Enjoy!

Main New Features
  Initial experimental Hyperscan support
  ndpi_get_api_version API call to be used in applications that are dynamically linking with nDPI
  --enable-debug-messages to enable debug information output
  Increased number of protocols to 512

New Supported Protocols and Services
  GoogleDocs
  GoogleServices
  AmazonVideo
  ApplePush
  Diameter
  GooglePlus
  WhatsApp file exchange

Improvements
  WhatsApp detection
  Amazon detection
  Improved Google …
nProbe

Improved nProbe Kafka Export Support: Theory and Practice

Kafka is a distributed messaging system widely used in the industry. Kafka can be deployed on just a small server but it can also scale up to span multiple datacenters. Given the scale and variety of possible Kafka deployments, it is desirable to have flexible, configurable producer applications able to adapt to and robustly feed any real-world Kafka deployment. nProbe, thanks to its export plugin, can be configured as a Kafka producer for the streaming of monitored/collected flows to categories known as topics. The latest nProbe 8.3.x has been extended …
Announce

Introducing Multi-language Support in ntopng

Traditionally all ntop tools have manuals and user interface in English. As sometimes our users are not really familiar with it, we have decided to introduce translation of the user interface so that we can make those users more comfortable when using ntopng. At the moment we have added support for Italian and German, but we might consider adding further languages in the future. When you first log in to ntopng after installation you will notice that there is a new menu that allows you to set the language …
nProbe

Traffic directions, port mirrors and taps

Network taps have the ability to preserve traffic directions: based on the port you’re monitoring, it is possible to know if traffic is going A -> B or B -> A. With port mirrors you completely lose this information (unless you create a port mirror per direction, which is not always possible on all network switches) as directions are mixed up and thus typical breakdown charts in/down don’t work. In order to overcome this limitation, in nProbe we mimic directions using MAC addresses. In essence if you know the MAC address of your …
nDPI

Is your Android phone safe? nDPI will tell you

Weeks ago I added support for GoogleServices detection in nDPI and thus I wanted to test the code with real traffic. For this reason I started to play with a few Android phones in order to test the code on various OS releases and implementations. This is what I found out. The testbed was very simple: disable 3G/4G, start a packet sniffer application such as tcpdump/wireshark so that I could dump all traffic, connect the phone to a WiFi hotspot and wait < 1 minute without doing anything (start applications …
Announce

Introducing nProbe Cento 1.4 with Hardware Flow Offload

This is to announce the new 1.4 stable release of nProbe Cento. The most important feature that comes with this new version is definitely the support for hardware flow offloading, as well as various bug fixes and an improved NetFlow template definition. We recently discussed the benefits of hardware flow offloading in another blog post. Hardware flow offloading alleviates, to a great extent, the pressure put on the CPU by intensive tasks such as classification (associating single packets to flows for accounting and deep packet inspection). Basically, hardware flow offloading means that …