n2n

Introducing n2n 2.4

As announced some months ago, we have resumed the development of n2n, a peer-to-peer VPN we developed some years ago to ease access to remote ntop installations behind firewalls, and which then evolved into a full-fledged application. After having put the project on hold for some years due to lack of time and new priorities, months ago we decided to resume development. We have realised that many people started to fork and code on n2n, and thus a part of our work is …
ntop

Introducing @ntop_community Telegram Group

While tools like GitHub and mailing lists can serve developers and experts, sometimes people look for quick help. For this reason we have created a new Telegram group called @ntop_community that you can use (even from your desktop and mobile) for asking quick help from the community. If you are an ntopng user you can select the “Help and News” menu entry to jump to the Telegram channel. We invite people to join and help support other users, as well as send us feedback. Thank you! …
nProbe

Introducing per-Second Measurements in nProbe Flow Exports

The need to perform on-time and per-second traffic measurements clashes with protocols such as NetFlow, where all counters are cumulative with respect to the flow lifetime. So if you have a flow that lasted 2 minutes and moved X bytes, you have no clue what the throughput of this flow was across the 2 minutes. For this reason people started to shorten flow duration, with the drawback of putting a lot of pressure on probes as well as increasing the disk space and flow record cardinality on collectors. In essence …
ntopng

ntopng and Time Series: From RRD to InfluxDB, new charts with Time Shift

One of the main concerns of our users is the ability to scale ntopng with a large number of hosts/protocols, and hence how to scale time series. As already discussed, RRD has many limitations as the number of time series increases, hence it was time to start exploring new paths. We decided to abstract the ntopng engine from RRD and thus open up the engine to new time series databases. This has enabled us to use InfluxDB to store time series instead of RRD, which (as already discussed) enabled …
PF_RING

How to accelerate Bro with PF_RING FT

We have discussed many times the large quantity of work IDSs have to carry out, and the high CPU load they require. This is the case for Suricata, due to the thousands of rules that need to be evaluated for every single packet, but it is also the case for the Bro Network Security Monitor. In a previous post we’ve seen How to accelerate Suricata with PF_RING FT in a few steps. In that guide we leveraged the flow classification and L7 protocol detection provided by PF_RING FT, to …
ntop

Cloud, IoT, sFlow Traffic Monitoring Tutorials #SFUS18

Last week we presented two tutorials at the Sharkfest US 2018 edition: “sFlow: Theory and practice of a sampling technology” [ slides ] and “Packet monitoring in the days of IoT and Cloud” [ slides ]. We believe these tutorials are interesting for all those who are using ntop (and non-ntop) tools and are willing to learn more about sFlow and traffic monitoring in cloud and IoT environments. Enjoy! …
ntop

Network Traffic and Security Monitoring Using ntopng and InfluxDB

Yesterday our friends at InfluxData organised a meetup at their HQ in San Francisco, CA. For all those who were unable to attend the event, these are the presentation slides so you can learn more about the transition from RRD to InfluxDB that is happening in ntopng. Please do not forget to provide feedback on the ntop mailing list or on GitHub. Thank you! …
Announce

Introducing ntopng Edge (nEdge): Monitoring, Service Segmentation and Security for the Network Edge

The network edge, either wired or wireless, is becoming increasingly important, as most things now happen there, it being the place where devices are deployed. Security-wise, central firewalls are too far from the edge, and thus devices can roam freely – and potentially create trouble – in LANs without ever hitting a security device. The consequence is that LANs are becoming increasingly insecure, and the cloud is complicating all of this as it provides, in encrypted connections – which are not inspectable by monitoring and security applications – the perfect ingredients …
ntopng

Learning the ntopng Lua API

ntopng is open source, which means you can read its code and modify it according to the GPL license. The current ntopng architecture is based on three layers, where the top one is written in Lua and is used to render the web interface as well as to execute periodic activities. In essence the C++/Lua API is a clean way to interact with and extend ntopng without having to code in C++. So far we have used this API inside the ntop team without documenting it. This has been a mistake …
n2n

Using n2n to Steer your Internet Traffic and Circumvent Restrictions

Suppose that you are travelling abroad and you need to access some Internet sites that are not available abroad. Or suppose that you want to evade the restrictions of your ISP, of the hotel room where you are currently staying, or of the WiFi hotspot you are using for connecting to the Internet. The simplest thing to do is to open a VPN and you’re done. However, VPNs are not very flexible and they require a single place where everybody meets and greets. n2n instead is based on the peer-to-peer paradigm …
Announce

You’re Invited to the “Monitoring with Time Series” Meetup: San Francisco June 27th

Hi all, this is to invite all of you living in San Francisco and in the Bay Area to attend the “Monitoring with Time Series” meetup organised by our friends at InfluxData. I will be speaking about ntop, traffic monitoring, time series and InfluxDB. It will also be a good time to meet with our users, hear suggestions, and (perhaps) complaints. The Internet is a nice place, but a physical meeting has no price. The meetup will take place at InfluxData HQ, 799 Market St Suite 400, San Francisco. The …
ntop

Introducing PF_RING 7.2, including PF_RING FT and nBroker

This is to announce a new PF_RING major release 7.2 that includes: support for Ubuntu 18 as well as the latest Debian and CentOS kernels; many improvements to the FPGA capture modules and the ZC library (that is now able to reserve head room for zero-copy traffic encapsulation/decapsulation, just to mention one); full support for Containers and Namespaces. Besides many improvements and bug fixes, this release also introduces PF_RING FT, a highly optimized library that assists flow-processing applications with L7 classification and filtering, and nBroker, a framework for hardware-based traffic steering and filtering …