Author: admin

ntop

ntop User’s Group Meeting at Sharkfest EU 2017

Those who have not been able to attend our ntop meeting at Sharkfest Europe 2017 can find our presentation slides below: Sharkfest EU 2017 – Intro; Sharkfest EU 2017 – hardware-flow-offload; Sharkfest EU 2017 – beautiful monitoring with ntopng and grafana; Sharkfest EU 2017 – microprobes; Sharkfest EU 2017 – extcap, remote wireshark and demo; Sharkfest EU 2017 – EdgeTrafficMonitoring; Sharkfest EU 2017 – what’s new, new products and roadmap. We need your feedback and we would be glad if our community could give us guidance in the next steps. …
ntopng

Network Device Discovery. Part 1: Active Discovery

Since its introduction in 1998, ntop(ng) has been a pure (well, besides DNS address resolution if enabled) passive network monitoring tool. Recently we have complemented it with active device discovery in order to find out if there are silent devices in our network, and what services/OS our devices are featuring. In this article we will analyze how active discovery works, leaving the analysis of passive discovery to a future article. Active discovery can be started on demand from the menu or from the network preferences to enable periodic …
ntopng

ntopng Grafana Integration: The Beauty of Data Visualization

Disclaimer: This article is outdated: please see this document for using ntopng with grafana. Summary: Grafana is one of the most widely known platforms for metrics monitoring (and alerting); ntopng version 3.1 natively integrates with Grafana thanks to a datasource plugin which is freely available; this article explains how to install and configure the ntopng datasource plugin, and how to build a dashboard for the visualization of ntopng-generated metrics. A video tutorial is available as well. Introduction: Grafana is an open platform for analytics and visualization. An extremely-well engineered architecture makes …
ntop

You’re Invited to the ntop and Wireshark Users Group Meeting

On November 7th we will be organising the ntop meetup during the Sharkfest EU 2017 that will take place in Portugal. You can find all details here. This year we will be focusing on cybersecurity, IoT and user traffic monitoring, as well as on Wireshark. In fact during our talk at Sharkfest we won’t have enough time to explain in detail all our activities for turning (or complementing) Wireshark into an effective monitoring tool and not just a packet dissector. We welcome all users of our community (attendance of Sharkfest EU is …
ntopng

Announcing ntopng and Grafana Integration

Disclaimer: This article is outdated: please see this document for using ntopng with grafana. This is to announce the release of the ntopng Grafana datasource that you can find on the grafana website. Using this plugin you can create a Grafana dashboard that fetches data from ntopng in a matter of clicks. To set up the datasource visit Grafana Datasources page and select the green button Add a datasource. Select ntopng as the datasource Type in the page that opens. The HTTP url must point to a running ntopng instance, …
ntop

20 Years of ntop and Beyond

This month it’s 20 years since I started the ntop project. Initially it was a hobby project, willing to understand what was really flowing on a network after having spent 5 years playing with OSI that was clearly a dead end (whoever used FTAM to download a file and compared it with FTP/NFS or drag-and-drop on a Mac desktop, understands what I mean), even for me, who had just graduated from university. My initial idea behind ntop was to create a simple tool able to enable network visibility without having …
Guides

When Live is not Enough: Connecting ntopng and nProbe via MySQL for Historical Flows Exploration

Using nProbe in combination with ntopng is a common practice. The benefits of this combination are manifold and include: a complete decoupling of monitoring activities (taking place on the nProbe) from visualization tasks (taking place on ntopng); the capability of building distributed deployments where multiple (remote) nProbe instances send monitored data towards one or more ntopng instances for visualization; a comprehensive support for the collection, harmonization and visualization of heterogeneous flow export protocols and technologies, including NetFlow V5/v9/V10 IPFIX and sFlow; full support for any proprietary technology that sends custom …
ntop

Network Monitoring Deep Dive: Interview with Scott Schweitzer

In early August, Scott Schweitzer interviewed me about network monitoring and packet capture. The conversation has been very broad, and I have covered various topics ranging from packet capture, network traffic analysis, deep packet inspection, IoT (Internet of Things) and cybersecurity. You can hear my view on this market, and what we’re doing at ntopng to tackle new challenges, as well as what we envisage the (hardware) networking industry should provide developers in terms of new products. This is because after being almost 20 years in this industry, looking back at …
ntopng

How to use ntopng for Realtime Traffic Analysis on Fritz!Box Routers

Fritz!Box routers are popular devices that many people use to connect to the Internet. Inside these routers there is a hidden URL (i.e. one that is not accessible from the router web admin page, but that you access directly with a web browser by typing the whole URL), http://192.168.2.1/html/capture.html (replace the 192.168.2.1 IP address with your Fritz!Box router IP if you have changed it), that can be used to dump router traffic in pcap format. While pcaps are good for troubleshooting, most people need to know what is happening on their network in realtime, …
ntop

How to Monitor and Troubleshoot an Unfamiliar Network

At ntop we use Wireshark to dissect traffic and to learn how to make our tools better. We’re not typical packet-oriented users however, as we want to see traffic as a whole and not packet-by-packet. This has been the motivation for contributing to Wireshark for extending it towards a more monitoring-oriented tool. Above you can see the video (and slides) of our presentation at the Sharkfest US 2017 conference. …
nDPI

How to Enhance Wireshark with DPI, latency measurement and more

This week at Sharkfest US 17, we have presented the ntop contributions to Wireshark. In particular: how to use nDPI to complement Wireshark traffic classification; how to remote capture on a remote box at 10/401/100 Gbit and stream traffic securely to Wireshark via SSH; same as above but extracting packets from TBytes (of pcaps) using pcap indexes; how to turn Wireshark into a traffic monitoring tool able to measure traffic and network latency. For those who have not attended the session (recording will appear soon on the Sharkfest web site), …
ntopng

Integrating ntopng with Grafana

Last week the NYC Metrics and Monitoring meetup invited ntop to give a talk. The topic was how to open ntopng so that it can become a gateway for producing network metrics that could be used by popular applications and frameworks such as Snap-io, Prometheus or Influx. The first result of this activity is the integration of ntopng with Grafana that we plan to complete in July. Here you can see the presentation slides where you can have an idea of the work we’re doing. If you are interested in using …