Author: admin

  • Home
  • Articles by: admin
Announce

ntop 2015 Roadmap
Like every year, we have made a short-term plan for the first half 2015. As we are a research-oriented company, we plan to tackle open issues or provide better answer to existing ones. This is our short list of activities we are carrying on: 40 Gbit We are in the process of supporting the new Intel X710 and XL710 network adapters. They are able to operate at 10 and 40 Gbit (1 x 40 Gbit or 4 x 10 Gbit). The PF_RING ZC drivers are under development and on the PF_RING SVN …
ntopng

Using ntop Applications with Docker and OpenStack
In order to ease the deployment of our applications, in addition to source code distribution, we have released binary packages (x64 and ARM) for CentOS/RedHat and Ubuntu/Debian. For PF_RING, that requires to be compiled against the installed kernel version, we have moved to DKMS so that you are no longer required to use the same kernel version we use for packaging it. However the current trend is going towards virtualised environments (not just VMs such as VMware) and IaaS (Infrastructure as a Service) and thus we need to support them.   Docker …
nProbe

Combining System and Network Visibility using nProbe and Sysdig
Introduction When in 1998 we have started the development of the original ntop, there were many Unix tools for monitoring network traffic: ping, tcpdump, netstat, and many others. Nevertheless we have decided to develop ntop, because there was no tool able to show on a simple way what was happening on our network. Early this year we have started the development of some experimental PF_RING kernel module extensions able to give ntop applications visibility of process activities, this in order to bind network traffic with a process name. We have lived once more the …
nProbe

Introducing nProbe v7
After more than three years of work, we are announcing the release of nProbe v7. This is a major evolution of v6 that many of you used in the bast few years. In essence we have worked a lot for improving the application performance, supporting new protocols (including mobile 3G/LTE network monitoring), adding new information elements and moving towards an accurate probe. nProbe still exports the data in NetFlow/IPFIX but we have opened it to new ways of handling monitoring data (e.g. using Splunk and ElasticSearch). This because today we …
nDPI

Running ntopng and nDPI on MacOSX
On Mac OS X users expect simple tool packaging and installation. Initially we planned to distribute .dmg files containing our apps, but then we have decided that in order to support current and future OSX version more easily, this was not the way to go. For this reason we have added support for packaging systems such as HomeBrew (and soon) MacPorts (work is still ongoing but close to the end). Today if you want to run ntopng and nDPI on your OSX box you have the option to: compile everything by …
nDPI

Released nDPI 1.5.1 and ntopng 1.2.1
Today we have released a maintenance version of both nDPI and ntopng that address minor issues present in the previous stable release. In particular for ntopng we have addressed many small security holes identified by security researchers (our thanks go to Luca Carettoni), and thus we encourage you to upgrade when possible; note that for all these attacks you needed a valid ntopng user and password before to perform them, so their danger level is not too high, but still we encourage you too upgrade. Finally this release contains patches and …
PF_RING

Active vs Passive Polling in Packet Processing
From time to time, PF_RING users ask us whether they should use passive polling techniques (i.e. call pfring_poll()) or use active polling that basically means to implement an active loop until the next packet to process becomes available. All those who have read a programming book or attended university classes, might answer that polling is the answer. This also for various other reasons including energy saving in CPUs.  Unfortunately in practice the story is a bit different. If you want to avoid wasting CPU cycles, when you have nothing to do (i.e. …
PF_RING

Using sysdig from PF_RING (and soon from all ntop apps)
Months ago Draios Inc introduced sysdig a kernel module and user-space library for capturing systems events and thus analyse what is happening on a Linux box. The idea has been immediately appealing for us at ntop, this for many reasons: With our tools we can analyse network packets, extract metadata (e.g. URLs, network delays, username who has performed a certain action), but up to the system. In essence even though we install ntopng or nProbe onto a Linux box (either physical or virtual), we currently see packets and we miss …
ntop

Introducing ntopng 1.2
ntopng 1.2 is the result of  10 months of work. We have tried to both introduce new features, and make the product more robust, easy to use, and modern. The result is a simple tool with a refreshed GUI, user preferences, and new reports to display data in new ways. Leveraging on the multi-interface support, ntopng (unless a specific interface is specified) listens on all network interfaces so that you do not have to play with the command line to move from one interface to others All the tables are …
nDPI

Released nDPI 1.5
Today we have have released nDPI 1.5. The main changes include: Support of additional protocols such as Redis, ZeroMQ, Collectd, Megaco. Fixed bugs in existing protocol dissectors and refreshed protocols that changed since the previous release (e.g Skype that is a real moving target). Major improvements of the sample ndpiReader application: Added 10 Gbit DNA/ZC support when capturing live traffic. Added ability to produce JSON reports when reading pcap file traces. Added new protocol encapsulations such as MPLS, PPPoE. Added new protocol/packets statistics (e.g. Ethernet statistics). Fixed bugs when handling IPv6 packets. Introduced …
ntop

Mini-Tutorial: Fresh Install of ntopng on Centos 7
IMPORTANT: This post contains outdated information. See README.compilation for updated instructions. This is how to compile ntopng in a fresh centos 7 x64 installation For the impatient: # yum install -y subversion autoconf automake make gcc libpcap-devel libxml2-devel sqlite-devel libtool glib2-devel gcc-c++ $ svn co https://svn.ntop.org/svn/ntop/trunk/ntopng $ ./autogen.sh $ ./configure $ make $ ./ntopng --help ntopng x86_64 v.1.1.4 (r7865) - (C) 1998-14 ntop.org <snip> Step by step description Pull the source code from the ntop svn repository. To do this, you need first to install subversion using yum as follows $ …
Announce

Introducing ntop Video Tutorials
We have been asked many times to create some videos that introduce novice users to our tools and products. Although English is not our mother tongue, we have decided to take this request seriously and start uploading them on the ntop channel. This said we need your help and we hope that you will contribute by sharing your videos with the whole community. …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe