Continuous packet recorders are devices that capture raw traffic to disk, providing a window into network history, that allows you to go back in time when a network event occurs, and analyse traffic up to the packet level to find … Continue reading
Drill Down Deeper: Using ntopng to Zoom In, Filter Out and Go Straight to the Packets
ntopng has grown significantly over the past years, providing an increasingly-interesting set of features to support network analysts and troubleshooters in their decisions. Among the most relevant features, it is worth mentioning that timeseries inspection pages have been redesigned and … Continue reading
Introducing n2disk 2.8 with Microburst Detection
Together with PF_RING 6.6, today we also released n2disk 2.8. In this release we introduced support for microburst detection in order to spot traffic bursts, which is crucial in identifying potential capacity issues and troubleshooting packet loss in network equipments. We … Continue reading
See You Next Week at the ntop Users Meeting
This is to renew the invitation to meet you next week at the ntop users meeting colocated with Sharkfest Europe. The event is free of charge but seats are limited. More information can be found here. Hope too see you … Continue reading
Filtering Terabytes of pcaps using nBPF and Wireshark
In a previous post we introduced our new nBPF library that able to convert a BPF filter to hardware rules for offloading traffic filtering to the network card. We did not mention that the same engine can be used for accelerating traffic extraction from … Continue reading
n2disk 2.6 Just Released
This is to announce the release of n2disk 2.6. In this release we have made many changes to the indexing system adding a new flow-based index that should improve packet retrieval as well pave the way to flow+packet+l7 inspection+index integration … Continue reading
How to Build a 2×10 Gbit Packet Recorder using n2disk and PF_RING (2016 Update)
Earlier in 2014 we advised how to build a continuous packet recorder using n2disk and PF_RING. Since that time computing architectures have progressed, we have added support for new ethernet controllers, and so it’s now time to refresh that post for … Continue reading
Building a (Cheap) 2×10 Gbit (Continuous) Packet Recorder using n2disk and PF_RING
Continuous packet recorders are devices that capture network traffic and save it to disk. The term continuous means that this activity is performed “continuously” until the device is active and not just for a few minutes. At ntop we have … Continue reading
Visualising n2disk Captured Traffic using CloudShark
Introduction ntop users are familiar with n2disk and the nBox web interface that ease its use. As you know, the nBox includes a small web-based tool that allows you to preview pcap contents. This tool is good for having an … Continue reading
Introducing on-the-fly 10 Gbit pcap compression on n2disk
Compressing pcap produced by n2disk is a good idea for a few reasons: It allows disk space to be saved as compressed data takes less space on disk. It enables the creation of cheaper packet recorder appliances as with the … Continue reading