admin, Author at ntop - Page 4 of 39

nDPI

July 31, 2024

Positioning ntopng vs nProbe for Traffic Analysis

Recently we have compared the use of nDPI in a realtime application (ntopng) and a near-realtime (nProbe). We have captured a short pcap with some mixed traffic and analysed it with both applications. The expectation was to find comparable results between the two applications, but this happened only partially. This blog posts explains the main differences between the two tools and why there are some discrepancies in results. In our tests, we have configured both nProbe and ntopng to analyze the same pcap and write results on two different ClickHouse …

ntopng

July 29, 2024

HowTo Extend ntopng with new Host/Flow Checks and Alerts

ntopng can be easily extended with new host/flow checks and alerts. They are developed in C++ with a few Lua files used by the UI to configure the check and format the emitted alerts. In order to introduce you to thir development, we have written a short guide that shows you step-by-step how to develop a simple check and alert. If you want you can see a code example of host check that rtiggers an alert when a server contacted a new port after a learning period. If you have …

ntopng

July 24, 2024

HowTo Export ntopng Alarms to Checkmk Event Console

Checkmk is a popular platform for monitoring IT infrastructure. ntopng has been integrated in Checkmk some time ago, enabling users to provide traffic visibility in additional to classic bytes/packets metrics. As ntopng is able to produce traffic alerts that, we have decided to extend ntopng in order to export alert information towards Checkmk event console where alerts are received.This guide will walk you through configuring ntopng and Checkmk to enable this functionality. In order to do so, within ntopng, it’s necessary to configure a new Endpoints as well as a …

cento

July 23, 2024

Advancements in Traffic Processing Using Programmable Hardware Flow Offload

This week we have presented at the IEEE HPSR (IEEE International Conference on High Performance Switching and Routing) our latest work that shows how nProbe can benefit of acceleration provided by modern SmartNICs to achieving multi-100 Gbit traffic processing (both passive and inline) on low-end servers while deep-packet inspecting traffic using nDPI. If you want to know more about it, you can view the presentation slides, or read thw paper. Your feedback is welcome. Enjoy ! …

ntopng

July 17, 2024

Extended Multilanguage Support in ntopng: Korean, Spanish and French

This is to announce that ntopng now enables users to use a new languages: Korean, Spanish and French. We have also improved translations of German and Italian. The translation is done using an automatic tool so, we cannot guarantee that the translation is completely correct. Error or typos are accepted as a GitHub issue: please open a ticket if you find problems. To change language click on the top right icon in ntopng and enter in the admin page A popup will open, select language and a list of available …

ntop

July 9, 2024

ntop and Endian Enter Partnership for Open Source OT Monitoring

ntop develops monitoring tools for IT and OT networks, whereas Endian is a leading Italian company that develops a Secure Digital Platform for OT networks. Both companies use and develop open source tools that can be a key value in OT networks where most tools are proprietary. This partnership allows both companies to complement each other and offer better tools for their user community. The complete announcement can be found at this page. Enjoy ! …

ntop

July 8, 2024

You’re Invited to the ntop Community Call: Thu July 18th, 15:00 CET, 9:00 AM EST

This is to invite you to the next ntop community call that is scheduled for Thu July 18th, 15:00 CET, 9:00 AM EST. The topics we would like to discuss with our community include Planning for the next ntop Conference 2024/25: decide conference location, contents, format and details. Discuss about other potential community meeting (either in person or virtual) Preview of the upcoming stable released scheduled for late July. Feedback and Q&A This event does not require registration and you can simply add it to your calendar using this link …

nProbe

July 4, 2024

HowTo Use nProbe to Detect and Shape Traffic Using DPI

Not all the nProbe users know that they can use nProbe not just as a passive monitoring tool, but also for shaping and dropping netwok traffic based on DPI. Ryan Claridge has filled the gap by writing a great article that explains that in detail. Enjoy ! …

ntop

June 2, 2024

Upcoming Events: CheckMK Conference and Interop Tokio

In the next couple of weeks we’ll be active in meeting our user community at two events: As you know ntopng is natively integrated with CheckMK. CheckMK Conference that will take place on June 11-13 in Munich, Germany. The ntop team will organize a one-day workshop about ntopng and cybersecurity. Thanks to our partner for Japan Jupiter Technology Company, ntop tools will be presented at Interop Tokio 2024. Below you can find an introductory video. Hope to meet our community in person ! …

ntop

May 29, 2024

ELLIO and ntop partnership: combining cybersecurity with high-speed network traffic analysis

Prague, Czech Republic / Pisa, Italy, May 29, 2024 – ELLIO, a provider of real-time, highly accurate intelligence for filtering of unwanted network traffic and cybernoise, and ntop, a provider of open-source and commercial high-speed traffic monitoring applications, have announced a partnership to enhance visibility into malicious traffic originating from opportunistic scans and attacks within the network traffic monitoring tool ntopng. ELLIO empowers ntopng’s users with advanced insights into mass exploitations, botnets, and other widespread activities on the Internet. By integrating a highly accurate and real-time ELLIO: Feed, ntopng’s users …

ntop

May 28, 2024

ELLIO for ntopng: HowTo Prevent CyberAccidents Using Blacklists

Time is one of the main problems in cybersecurity. Detecting issues after they have happened can cost you money and resources to restore the system. Network traffic monitoring tools have as goal to show what is happening on a network. Traditionally, monitoring protocols such as IPFIX/NetFlow export monitoring data periodically and often limit their analysis to the protocol header, thus the flow collector is partially blind as it is informed after a certain event happened with limited contextual information. In ntop tools we operate in real-time with pre-labelled information thanks …

nProbe

May 23, 2024

HowTo Use Cloud Licenses

As discussed in our spring webinar, it is now possible to use (in beta) cloud licenses with ntopng and nProbe. Contrary to standard licenses that are bound to a physical system (based on the systemId), cloud licenses are “floating” as the same license file can be used on multiple hosts, of course not simultaneously (i.e. only one system at time can use the license). This is good news for those who use containers or VMs as they do no have to pay attention to the systemId anymore. If you want …

Author: admin

Positioning ntopng vs nProbe for Traffic Analysis

HowTo Extend ntopng with new Host/Flow Checks and Alerts

HowTo Export ntopng Alarms to Checkmk Event Console

Advancements in Traffic Processing Using Programmable Hardware Flow Offload

Extended Multilanguage Support in ntopng: Korean, Spanish and French

ntop and Endian Enter Partnership for Open Source OT Monitoring

You’re Invited to the ntop Community Call: Thu July 18th, 15:00 CET, 9:00 AM EST

HowTo Use nProbe to Detect and Shape Traffic Using DPI

Upcoming Events: CheckMK Conference and Interop Tokio

ELLIO and ntop partnership: combining cybersecurity with high-speed network traffic analysis

ELLIO for ntopng: HowTo Prevent CyberAccidents Using Blacklists

HowTo Use Cloud Licenses

Explore

Newsletter