This is to announce the release of nProbe 10.4. In this version we have made several improvements (including support for new platforms and distributions) as well merged the agent code into the main code base (via -T) on both Linux and Windows. This feature allows you to export (for traffic originated or terminated on the […]
nProbe Cento 1.20 Just Released
This is to announce the release of nProbe Cento 1.20, that is basically a maintenance release that fixes some issues, improved metadata export using nDPI, and adds new platform and distributions support. Below you can find the whole changelog. Enjoy ! Improvements Add ARM support Add support for dumping bad packets (–dump-bad-packets) Add support for […]
nDPI 4.8 is Now Available: Better Performance with Less Memory, Fuzzy Robustness, Many New Protocols
This is to announce the release of nDPI 4.8 that introduces various new protocols (in total 351 protocols and 53 risks), several internal changes to improve packet processing, extension of fuzzing to new components to improve coverage, new algorithms for handling lists with reduced memory and better performance. Protocol changes have been introduced not just […]
Threshold vs Statistical Metric Alerts in ntopng
Threshold alerts and statistical alerts are two different methods for monitoring and detecting unusual or potentially problematic events in various systems, such as network monitoring where anomaly detection is essential. They differ in how they define and identify anomalies: Threshold Alerts Threshold alerts are based on fixed, predefined values or thresholds. You set specific thresholds […]
ntopConf 2023 Videos and Slides are Now Available
The ntop conference and training 2023 was a success: more than 100 people attended it, some of them flying to Italy from other continents. This has been a special event as we have celebrated 25 years since the first release of the original ntop application, and 10 years of ntopng. This was our first international […]
How to Monitor What Matters
Yesterday we have been invited to the NetEye Users Group Meeting to give a speech about monitoring and cybersecurity. During the talk we covered out 25 years journey in this industry and the decisions we have made during that time: Network vendors provide (after 25 years) poor monitoring data: flaws, proprietary formats, sampling, device limitations […]
Announcing ntop Professional Training: November 2023
ntop tools range from packet capture, traffic analysis and processing, and sometimes it is not easy to keep up on product updates as well master all the tools. This has been the driving force for organising ntop professional training: . This is to announce that in May we have scheduled the next ntop Professional Training […]
How to Send ntopng Alerts to PagerDuty
PagerDuty is a popular incident-response platform that allows problem notifications to be delivered in a flexible way to the correct team member. We have integrated it in ntopng Enterprise and this post shows you howto configure it. First of all you need to create a PagerDuty account and select a plan (there is a free […]
How nDPI Improved Bloom Filters Implementation
A Bloom filter is. probabilistic data-structure used to test whether an element is present in a set. Blooms are affected by false positives, meaning that when a bloom returns true it does not mean that the searched element is part of the set but that it is “likely” to be part of the set. nDPI […]
How Effective Are IP Blacklists When Used For Detecting Malicious Activities?
A blacklist is an access control mechanism which denies access to selected network resources to peers belonging to a curated list. Blacklists often represent the first line of defence for many networks as they can reduce internal hosts’ risk of establishing communications with peers with a bad reputation. Many companies use blacklists for detecting malicious […]