We have created nDPI to label network traffic and extract metadata such as the URL or TLS certificate information. nDPI is the layer on top of which ntop applications are sitting. This time we do not want to talk about … Continue reading
Welcome to nDPI 4.6: code fuzzing, new protocol and flow risks
This is to announce the release of nDPI 4.6 that introduces various improvements with respect to the previous release. Many things changed in this release in terms of number of protocols and robustness thanks to code fuzzing introduced in this … Continue reading
HowTo Monitor Zoom Performance and Video/Call Quality
Zoom is a popular platform for video communications and team collaboration. As many other cloud services, network administrators need to supervise Zoom network traffic usage. DPI toolkits such as nDPI are useful for identifying Zoom traffic for supervising the network … Continue reading
Introducing nDPI 4.4: Many New Protocols, Improvements and Cybersecurity Features
This is to introduce nDPI 4.4 that includes the development activities of the last six months. As with previous releases we are improving protocol support, automatic testing to harden the code for critical environments, and introducing new cybersecurity features for … Continue reading
How to Configure Flow Risk Exclusions in nDPI and ntopng
Flow risks are the mechanism nDPI implements for detecting issues in network traffic whose theoretical design is documented in this paper Using Deep Packet Inspection in CyberTraffic Analysis we have written last year. While we are reworking the definition of … Continue reading
You’re invited at FOSDEM 2022 (5 and 6 February) in the ntop stand
As most of our users know, every year we were used to meet the world of open source at FOSDEM in Brussels. Due to pandemic, this yearly event has been moved online so we invite you to attend it wherever … Continue reading
HowTo Define nDPI Risk Exceptions for Networks and Domains
In the past couple of years we have added the concept of flow risk in nDPI that allows issues with flows to be detected (for instance expired TLS certificates). Unfortunately we need to silence some of these risk exceptions as … Continue reading
A Gentle Introduction To Timeseries Similarity in nDPI (and ntopng)
Introduction Let’s start from the end. In your organisation you probably have thousand of timeseries of various nature: SNMP interfaces, hosts traffic, protocols etc. You would like to know what timeseries are similar as this is necessary for addressing many … Continue reading
Configuring nDPI Flow Risk Exceptions
One of the newest features of nDPI 4 is the ability to identify flow risks. Unfortunately sometimes you need to add exceptions as some of those risks, while correct, need to be ignored. Examples include: An old device that is … Continue reading
Introducing nDPI 4.0: DPI for CyberSecurity and Traffic Analysis
This is to announce nDPI 4.0. With this new stable release we have extended the scope of nDPI that was originally conceived as a toolkit for detecting application protocols. nDPI is now a modern library for packet processing that in … Continue reading