When it comes to monitor a distributed network, to get a picture of the Network traffic flowing through the uplinks or on critical Network segments, NetFlow like technologies are usually the answer. nProbe Pro/Enterprise and nProbe Cento are software probes that can be used to build versatile sensors able to export flow information in many […]
nDPI: Internals and Frequent Questions
All ntop tools are based on nDPI but not every use is familiar with nDPI internals. We often receive questions about it, and it’s time to answer frequent questions. Q: How nDPI implements protocol detection? A: nDPI includes a list of protocol dissectors (356 as of today) that are able to dissect protocols such as […]
ntopng 6.0 Webinar
Last week we have released ntopng 6.0 that contains many new features and a redesigned user interface. Goal of this webinar is to walk through this new release and show a demo of all the major changes we have introduced. These are the presentation slides, and below you can see the video recording. Enjoy […]
How ntopng Merges Vulnerability Scan with Traffic Monitoring for Better Cybersecurity
ntopng was initially designed as a passive traffic monitoring tool. Over the years we have added active monitoring features such as network discovery, SNMP, and now vulnerability scan. A network vulnerability scanner is a tool designed to identify vulnerabilities (often know as CVEs) in network services such as a web or SSH server by performing […]
Welcome to ntopng 6.0: new Dashboard, Vulnerability Scan, Cloud [beta], Periodic Reports, Threshold-based Alerts
This is to announce ntopng 6.0 a new major release that includes many new features and improvements: ntopng is no longer just a real-time traffic monitoring application: it can now track assets when offline and enable better investigations leveraging on improved historical traffic analysis. Implemented vulnerability reports that can scan hosts, ports, and look for […]
nProbe 10.4 is now Available: Cloud Support and Agent Mode
This is to announce the release of nProbe 10.4. In this version we have made several improvements (including support for new platforms and distributions) as well merged the agent code into the main code base (via -T) on both Linux and Windows. This feature allows you to export (for traffic originated or terminated on the […]
nProbe Cento 1.20 Just Released
This is to announce the release of nProbe Cento 1.20, that is basically a maintenance release that fixes some issues, improved metadata export using nDPI, and adds new platform and distributions support. Below you can find the whole changelog. Enjoy ! Improvements Add ARM support Add support for dumping bad packets (–dump-bad-packets) Add support for […]
nDPI 4.8 is Now Available: Better Performance with Less Memory, Fuzzy Robustness, Many New Protocols
This is to announce the release of nDPI 4.8 that introduces various new protocols (in total 351 protocols and 53 risks), several internal changes to improve packet processing, extension of fuzzing to new components to improve coverage, new algorithms for handling lists with reduced memory and better performance. Protocol changes have been introduced not just […]
Threshold vs Statistical Metric Alerts in ntopng
Threshold alerts and statistical alerts are two different methods for monitoring and detecting unusual or potentially problematic events in various systems, such as network monitoring where anomaly detection is essential. They differ in how they define and identify anomalies: Threshold Alerts Threshold alerts are based on fixed, predefined values or thresholds. You set specific thresholds […]
ntopConf 2023 Videos and Slides are Now Available
The ntop conference and training 2023 was a success: more than 100 people attended it, some of them flying to Italy from other continents. This has been a special event as we have celebrated 25 years since the first release of the original ntop application, and 10 years of ntopng. This was our first international […]