• Newsletter
  • Working at ntop
  • E-Shop Legal Information
  • E-Shop Terms and Conditions
  • GitHub
  • Resellers
ntop
  • Home
  • Blog
  • Products
    • Packet Capture
      • PF_RING
      • PF_RING ZC (Zero Copy)
      • PF_RING FT (Flow Table)
      • nBroker
    • Traffic Recording & Replay
      • n2disk
      • disk2n
      • nBox Recorder
    • Flow-based Traffic Analysis
      • nProbe
      • nProbe™ Agent
      • nProbe™ Cento
      • nBox NetFlow/IPFIX
    • Traffic Analysis and Enforcement
      • ntopng
      • ntopng Edge
    • Deep Packet Inspection
      • nDPI
    • DDoS Mitigation and VPN
      • nScrub
      • n2n
  • Support
    • Documentation
      • FAQs
      • User’s Guides
      • Video Tutorials
    • Need Help?
      • Bug Report
      • Contact Us
      • Community Support
      • Commercial Support
    • Misc
      • Code Security
      • Contributor License Agreement
      • Brochures
  • GitHub
  • Get Started
  • About
    • About Us
    • The ntop Team
    • ntop Conference
    • Credits
    • Partners
    • Resellers
    • Legal Information
    • Privacy Policy
    • Locations
    • Resources
  • Shop

Join FOSDEM 2021 ntop sessions, Sat-Sun Feb 6-7th (online)

Posted February 3, 2021 · Add Comment

We are proud to announce that a couple of talks have been accepted at FOSDEM 2021, one of the most important FOSS conferences in the world that this yar will take place online due to the pandemic. In the Network … Continue reading →

Read More

Efficiently Detecting and Blocking SunBurst Malware

Posted December 18, 2020 · Add Comment

Earlier this month a new highly evasive malware attacker named SunBurst has been disclosed. Immediately some countermeasures have been disclosed and in particular some Snort/Suricata rules have been published. We have analysed the rules trying to figure out if ntop … Continue reading →

Read More

Released nDPI 3.4: increased detection speed, statistical analysis, fuzzing, cybersecurity

Posted October 19, 2020 · Add Comment

This is to announce the release of nDPI 3.4 that is a major step ahead with respect to 3.2: Detection speed has been greatly optimised Many new functions for statistical protocol analysis have been introduced. This is to expand nDPI … Continue reading →

Read More

How Great Hashing Can (More Than) Double Application Performance

Posted October 5, 2020 · Add Comment

Most ntop applications (ntopng, nProbe, Cento) and libraries (FT) are based on the concept of flow processing, that merely means keeping track of all network communications. In order to implement this, network packets are decoded and, based on a “key” … Continue reading →

Read More

How to Dump, Index, and Layer-7 Filter Network Traffic at High Speed

Posted September 17, 2020 · Add Comment

n2disk is an application that many of the ntop community uses to dump traffic up to 100 Gbit. What few people know is that n2disk can index data not just using packet header information (i.e. IP, port. VLAN, MAC…) but … Continue reading →

Read More

Monitoring Industrial IoT/Scada Traffic with nDPI and ntopng

Posted September 8, 2020 · Add Comment

Monitoring Industrial IoT and SCADA traffic can be challenging as most open source monitoring tools are designed for Internet protocols. As this is becoming a hot topic with companies automating production lines, we have decided to enhance ntop tools to … Continue reading →

Read More

How to Detect Domain Hiding (a.k.a. as Domain Fronting)

Posted August 19, 2020 · Add Comment

Domain fronting is a technique that was used in 2010s by mobile apps to attempt to bypass censorship. The technique relies on a “front” legitimate domain that basically acts as a pivot for the forbidden domain. In essence an attacker … Continue reading →

Read More

Introducing nDPI Risk Analysis for (Cybersecurity) Network Traffic Analysis (was Ripple20)

Posted July 1, 2020 · Add Comment

Earlier last month Ripple20 became popular as it has listed some vulnerabilities found in a custom IP stack used by many IoT devices. Despite the hype on Ripple20, in essence the tool used to fingerprint vulnerable devices sends either malformed … Continue reading →

Read More

Howto Identify and Block Telegram-based Botnets

Posted June 10, 2020 · Add Comment

Botnets are a popular way to run malware on a network using the command and control paradigm. Popular protocols used by botnets include IRC and HTTP. Most IDSs can detect bots as long as they can inspect the network traffic. … Continue reading →

Read More

Why Traffic Behaviour Analysis is Good (was Encrypting TLS 1.3 Traffic)

Posted May 28, 2020 · Add Comment

In the latest nDPI meetup, we have discussed future directions, including extending the current encrypted traffic analysis features. Currently nDPI supports both fingerprint and behaviour encrypted traffic analysis techniques to provide TLS traffic visibility. At ntop we have never liked … Continue reading →

Read More
  • ← Previous Entries
 
  • Popular
  • Recent
  • Comments
  • Tags
  • PF_RING 6.0.3 Just ReleasedToday we have released PF_RING 6.0.3  a maintenance release that [...]
  • ntopng Deep Dive: Interview with Ivan PepelnjakLast month Ivan Pepelnjak interviewed me on Software Gone Wild [...]
  • How to Promote Scalability with PF_RING ZC and n2diskThe number of cores per CPU is growing at a [...]
  • PF_RING 5.5.0 ReleasedNew libzero features DNA Cluster: number of per-consumer rx/tx queue [...]
  • What is Score, and How It can Drive You Towards Network IssuesTelemetry protocols such as sFlow/NetFlow SNMP or packet-based traffic analysis [...]
  • How To Monitor Traffic Behind a Firewall (During and Post Pandemic)Due to pandemic many people are now working in a [...]
  • FOSDEM 2021 - RetrospectiveFOSDEM 2021 has been an awesome event. For the first [...]
  • Join FOSDEM 2021 ntop sessions, Sat-Sun Feb 6-7th (online)We are proud to announce that a couple of talks [...]
active monitoring bgp cento containers continuous traffic recording ebpf elasticsearch export flows fosdem hardware icinga2 influxdb ldap n2disk nagios netflow nindex nProbe nprobeagent ntopng performance release round trip time rtt tcp tcp states telemetry themes visibility
  • Browse By Date

  • Browse By Categories

    • Announce (47)
    • cento (6)
    • Components (1)
    • Cybersecurity (5)
    • Features (2)
    • Guides (11)
    • libebpfflow (1)
    • n2disk (20)
    • n2n (7)
    • nbox (7)
    • nDPI (43)
    • nEdge (6)
    • News (12)
    • nProbe (80)
    • nScrub (3)
    • ntop (92)
    • ntopng (117)
    • PF_RING (88)
    • snort (3)
    • TNAPI (11)
    • tutorials (13)
    • vPF_RING (3)
    • ZC (30)
 
  • Latest Posts

    • What is Score, and How It can Drive You Towards Network Issues
    • How To Monitor Traffic Behind a Firewall (During and Post Pandemic)
    • FOSDEM 2021 – Retrospective
    • Join FOSDEM 2021 ntop sessions, Sat-Sun Feb 6-7th (online)
    • Bringing Network Visibility, Cybersecurity and Encrypted Traffic Analysis to OPNsense, pfSense and FreeBSD
  • Upcoming Events

    No events planned at this time.
© 1998-2020 ntop
ntop, ntopng, nDPI, PF_RING, nProbe, and n2disk are registered trademarks.