• Newsletter
  • Working at ntop
  • E-Shop Legal Information
  • E-Shop Terms and Conditions
  • GitHub
  • Resellers
ntop
  • Home
  • Blog
  • Products
    • Packet Capture
      • PF_RING
      • PF_RING ZC (Zero Copy)
      • PF_RING FT (Flow Table)
      • nBroker
    • Traffic Recording & Replay
      • n2disk
      • disk2n
      • nBox Recorder
    • Flow-based Traffic Analysis
      • nProbe
      • nProbe™ Agent
      • nProbe™ Cento
      • nBox NetFlow/IPFIX
    • Traffic Analysis and Enforcement
      • ntopng
      • ntopng Edge
    • Deep Packet Inspection
      • nDPI
    • DDoS Mitigation and VPN
      • nScrub
      • n2n
  • Support
    • Documentation
      • FAQs
      • User’s Guides
      • Video Tutorials
    • Need Help?
      • Bug Report
      • Contact Us
      • Community Support
      • Commercial Support
    • Misc
      • Code Security
      • Contributor License Agreement
      • Brochures
  • GitHub
  • Get Started
  • About
    • About Us
    • The ntop Team
    • ntop Conference
    • Credits
    • Partners
    • Resellers
    • Legal Information
    • Privacy Policy
    • Locations
    • Resources
  • Shop

Combining nDPI and Wireshark for Cybersecurity Traffic Analysis

Posted April 26, 2021 · Add Comment

At the upcoming Sharkfest Europe 2021 we’ll talk about using Wireshark in cybersecurity. Part of the talk will focus on nDPI and Wireshark integration. Since the last release nDPI features flow risk analysis, that is basically a numerical indication of … Continue reading →

Read More

Join FOSDEM 2021 ntop sessions, Sat-Sun Feb 6-7th (online)

Posted February 3, 2021 · Add Comment

We are proud to announce that a couple of talks have been accepted at FOSDEM 2021, one of the most important FOSS conferences in the world that this yar will take place online due to the pandemic. In the Network … Continue reading →

Read More

Security-Centric Traffic Analysis

Posted October 23, 2020 · Add Comment

Days ago we have given a short speak about cybersecurity at an Italian meetup. These are the presentation slides (English) where you can read more about the steps we have taken to make our tools more cybersecurity-oriented. Below you can … Continue reading →

Read More

How Attack Mitigation Works (via SNMP)

Posted August 26, 2020 · Add Comment

One of the greatest strengths of ntopng is its ability to correlate data originating at different layers and at multiple sources together. For example, ntopng can look at IP packets, Ethernet frames and, at the same time, poll SNMP devices. … Continue reading →

Read More

How to Detect Domain Hiding (a.k.a. as Domain Fronting)

Posted August 19, 2020 · Add Comment

Domain fronting is a technique that was used in 2010s by mobile apps to attempt to bypass censorship. The technique relies on a “front” legitimate domain that basically acts as a pivot for the forbidden domain. In essence an attacker … Continue reading →

Read More

Mice and Elephants: HowTo Detect and Monitor Periodic Traffic

Posted August 4, 2020 · Add Comment

Most people are used to top X: top senders, top receivers, top protocols. So in essence they are looking for elephants. While this is a good practice, mice are also very interesting as they can often be hidden in the … Continue reading →

Read More
 
  • Popular
  • Recent
  • Comments
  • Tags
  • PF_RING 6.0.3 Just ReleasedToday we have released PF_RING 6.0.3  a maintenance release that [...]
  • ntopng Deep Dive: Interview with Ivan PepelnjakLast month Ivan Pepelnjak interviewed me on Software Gone Wild [...]
  • How to Promote Scalability with PF_RING ZC and n2diskThe number of cores per CPU is growing at a [...]
  • PF_RING 5.5.0 ReleasedNew libzero features DNA Cluster: number of per-consumer rx/tx queue [...]
  • May 27th: Webinar on DPI-based traffic enforcement, ntop tools on pfSense/OPNsenseFor a long time ntop mainly focused on passive traffic [...]
  • Introducing nProbe IPS: 10 Gbit nDPI-based Traffic Policer and ShaperThis is to introduce a new nProbe feature that brings [...]
  • Combining nDPI and Wireshark for Cybersecurity Traffic AnalysisAt the upcoming Sharkfest Europe 2021 we’ll talk about using [...]
  • Detecting and Analysing Qakbot Traffic Using ntopngIn this post Martin shows how he has used ntopng [...]
active monitoring bgp cento containers continuous traffic recording ebpf elasticsearch export flows fosdem hardware icinga2 influxdb ldap n2disk nagios netflow nindex nProbe nprobeagent ntopng performance release round trip time rtt tcp tcp states telemetry themes visibility

  • Browse By Date

  • Browse By Categories

    • Announce (48)
    • cento (6)
    • Components (1)
    • Cybersecurity (6)
    • Features (2)
    • Guides (11)
    • libebpfflow (1)
    • n2disk (20)
    • n2n (7)
    • nbox (7)
    • nDPI (44)
    • nEdge (6)
    • News (12)
    • nProbe (82)
    • nScrub (3)
    • ntop (92)
    • ntopng (119)
    • PF_RING (88)
    • snort (3)
    • TNAPI (11)
    • tutorials (13)
    • vPF_RING (3)
    • ZC (30)
 

  • Latest Posts

    • May 27th: Webinar on DPI-based traffic enforcement, ntop tools on pfSense/OPNsense
    • Introducing nProbe IPS: 10 Gbit nDPI-based Traffic Policer and Shaper
    • Combining nDPI and Wireshark for Cybersecurity Traffic Analysis
    • Detecting and Analysing Qakbot Traffic Using ntopng
    • Best Practices for High Speed Flow Collection

  • Upcoming Events

    No events planned at this time.
© 1998-2020 ntop
ntop, ntopng, nDPI, PF_RING, nProbe, and n2disk are registered trademarks.