• Working at ntop
  • E-Shop Legal Information
  • E-Shop Terms and Conditions
  • GitHub
  • Resellers
  • Newsletter
ntop
  • Home
  • Blog
  • Products
    • Packet Capture
      • PF_RING
      • PF_RING ZC (Zero Copy)
      • PF_RING FT (Flow Table)
    • Traffic Recording & Replay
      • n2disk
      • disk2n
      • nBox Recorder
    • Flow-based Traffic Analysis
      • nProbe
      • nProbe™ Cento
      • nBox NetFlow/IPFIX
    • Traffic Analysis and Enforcement
      • ntopng
      • ntopng Edge
    • Deep Packet Inspection
      • nDPI
    • DDoS Mitigation and VPN
      • nScrub
      • n2n
  • Support
    • Documentation
      • FAQs
      • User’s Guides
      • Video Tutorials
    • Need Help?
      • Bug Report
      • Contact Us
      • Community Support
      • Commercial Support
    • Training
      • Professional Training
    • Misc
      • Code Security
      • Contributor License Agreement
      • Brochures
  • GitHub
  • Get Started
  • About
    • About Us
    • The ntop Team
    • ntop Conference
    • Credits
    • Partners
    • Resellers
    • Legal Information
    • Privacy Policy
    • Locations
    • Resources
  • Shop
admin 0

How to Configure Flow Risk Exclusions in nDPI and ntopng

Posted May 26, 2022 · Add Comment

Flow risks are the mechanism nDPI implements for detecting issues in network traffic whose theoretical design is documented in this paper Using Deep Packet Inspection in CyberTraffic Analysis we have written last year. While we are reworking the definition of … Continue reading →

Read More
admin 0

You’re invited at FOSDEM 2022 (5 and 6 February) in the ntop stand

Posted February 3, 2022 · Add Comment

As most of our users know, every year we were used to meet the world of open source at FOSDEM in Brussels. Due to pandemic, this yearly event has been moved online so we invite you to attend it wherever … Continue reading →

Read More
admin 0

HowTo Define nDPI Risk Exceptions for Networks and Domains

Posted January 14, 2022 · Add Comment

In the past couple of years we have added the concept of flow risk in nDPI that allows issues with flows to be detected (for instance expired TLS certificates). Unfortunately we need to silence some of these risk exceptions as … Continue reading →

Read More
admin 0

A Gentle Introduction To Timeseries Similarity in nDPI (and ntopng)

Posted December 14, 2021 · Add Comment

Introduction Let’s start from the end. In your organisation you probably have thousand of timeseries of various nature: SNMP interfaces, hosts traffic, protocols etc. You would like to know what timeseries are similar as this is necessary for addressing many … Continue reading →

Read More
admin 0

Configuring nDPI Flow Risk Exceptions

Posted August 4, 2021 · Add Comment

One of the newest features of nDPI 4 is the ability to identify flow risks. Unfortunately sometimes you need to add exceptions as some of those risks, while correct, need to be ignored. Examples include: An old device that is … Continue reading →

Read More
admin 0

Introducing nDPI 4.0: DPI for CyberSecurity and Traffic Analysis

Posted July 26, 2021 · Add Comment

This is to announce nDPI 4.0. With this new stable release we have extended the scope of nDPI that was originally conceived as a toolkit for detecting application protocols. nDPI is now a modern library for packet processing that in … Continue reading →

Read More
admin 0

How to Spot Unsafe Communications using nDPI Flow Risk Score

Posted May 18, 2021 · Add Comment

nDPI it is much more than a DPI library used to detect the application protocol. In the past year, nDPI has grown in terms of cybersecurity features used to detect threats and network issues leveraging on the concept of flow … Continue reading →

Read More
admin 0

Combining nDPI and Wireshark for Cybersecurity Traffic Analysis

Posted April 26, 2021 · Add Comment

At the upcoming Sharkfest Europe 2021 we’ll talk about using Wireshark in cybersecurity. Part of the talk will focus on nDPI and Wireshark integration. Since the last release nDPI features flow risk analysis, that is basically a numerical indication of … Continue reading →

Read More
Simone Mainardi 0

Join FOSDEM 2021 ntop sessions, Sat-Sun Feb 6-7th (online)

Posted February 3, 2021 · Add Comment

We are proud to announce that a couple of talks have been accepted at FOSDEM 2021, one of the most important FOSS conferences in the world that this yar will take place online due to the pandemic. In the Network … Continue reading →

Read More
admin 0

Efficiently Detecting and Blocking SunBurst Malware

Posted December 18, 2020 · Add Comment

Earlier this month a new highly evasive malware attacker named SunBurst has been disclosed. Immediately some countermeasures have been disclosed and in particular some Snort/Suricata rules have been published. We have analysed the rules trying to figure out if ntop … Continue reading →

Read More
  • ← Previous Entries
 
  • Popular
  • Recent
  • Comments
  • Tags
  • PF_RING 6.0.3 Just ReleasedToday we have released PF_RING 6.0.3  a maintenance release that [...]
  • ntopng Deep Dive: Interview with Ivan PepelnjakLast month Ivan Pepelnjak interviewed me on Software Gone Wild [...]
  • ntop is back: ntopng 1.0 just releasedAfter 15 years since the introduction of the original ntop [...]
  • How to Configure Flow Risk Exclusions in nDPI and ntopngFlow risks are the mechanism nDPI implements for detecting issues [...]
  • How to Configure Flow Risk Exclusions in nDPI and ntopngFlow risks are the mechanism nDPI implements for detecting issues [...]
  • Best Practices for Using ntop Tools on ContainersMany people use software containers to simplify application deployment. As [...]
  • How ntopng monitors IEC 60870-5-104 trafficBusy times for OT analysts. Last month the number of [...]
  • Registration for ntopConf 2022 (June 23-24) is now OpenThis year the ntop community will meet in Milan Italy [...]
active monitoring bgp cento containers ebpf elasticsearch export flows fosdem hancitor icinga2 infection influxdb inline layer7 netflow nProbe nprobeagent ntopng performance policer release round trip time rtt security stable tcp states telemetry themes visibility
  • Browse By Date

  • Browse By Categories

    • Announce (50)
    • cento (8)
    • Components (1)
    • Cybersecurity (14)
    • Features (2)
    • Guides (11)
    • libebpfflow (1)
    • n2disk (20)
    • n2n (7)
    • nbox (7)
    • nDPI (51)
    • nEdge (6)
    • News (13)
    • nProbe (93)
    • nScrub (3)
    • ntop (101)
    • ntopng (138)
    • PF_RING (91)
    • snort (3)
    • TNAPI (11)
    • tutorials (17)
    • vPF_RING (3)
    • Webinar (15)
    • ZC (30)
 
  • Latest Posts

    • How to Configure Flow Risk Exclusions in nDPI and ntopng
    • Best Practices for Using ntop Tools on Containers
    • How ntopng monitors IEC 60870-5-104 traffic
    • Registration for ntopConf 2022 (June 23-24) is now Open
    • HowTo Use TLS for Securing Flow Export/Collection
  • Upcoming Events

    • June 23-24 - ntopConf 2022 (Milan)
© 1998-2022 ntop
ntop, ntopng, nDPI, PF_RING, nProbe, and n2disk are registered trademarks.