This is to announce the release of nDPI 2.4 that is an incremental release mainly introducing the concept of categories in addition to new dissectors and bug fixes. In a nutshell in order to limit the number of custom protocols defined as “if traffic goes from/to Internet domain X then this is protocol X” all […]
Released nDPI 2.2.2: 7 New Protocols, Many Improvements
This is to announce a minor nDPI release update that adds a few fixes and introduces support for popular cloud protocols such as Google and Apple push service. Below you can find the complete changelog. Enjoy! Main New Features Initial experimental Hyperscan support ndpi_get_api_version API call to be used in applications that are dynamically linking […]
Is your Android phone safe? nDPI will tell you
Weeks ago I have added support for GoogleServices detection in nDPI and thus I wanted to test the code with real traffic. For this reason I started to play with a few Android phones in order to test the code on various OS releases and implementations. This is what I found out. The testbed was […]
Announcing nDPI 2.2
Today we are glad to release nDPI stable version 2.2. This minor release present several fixes and adds support for a handful of new protocols. It also features custom application categories to allow users to create personalized mappings between protocols and categories. The full list of changes introduced with this release are: Main New Features […]
Using nDPI to Turn Wireshark Into a Traffic Monitoring Tools
Last week at Sharkfest EU we have shown how you can use nDPI and Lua scripting to turn Wireshark into a traffic monitoring tool. We remind you that all the ntop contributions to Wireshark are open source and can be found on github. Enjoy!
How to Enhance Wireshark with DPI, latency measurement and more
This week at Sharkfest US 17, we have presented the ntop contributions to wireshark. In particular: How to use nDPI to complement Wireshark traffic classification How to remote capture on a remote box at 10/401/100 Gbit and stream traffic securely to wireshark via SSH Same as above but extracting packets from TBytes (of pcaps) using […]
Say hello to nDPI 2.0 (with wireshark integration)
nDPI 2.0 is a major release that: Consolidates the API, in particular for guessing new protocols or notifying nDPI that for a given flow there are no more packets to dissect. Introduces nDPI support into Wireshark by means of a lua script and extcap plugin. Available via an extcap interface, the plugin sends Wireshark the […]
Released nDPI 1.8
This is to announce the release of nDPI 1.8. In this version we have updated many protocol dissectors, simplified the API as well started to introduce changes that will be further improved in future versions. As usual we have changed many protocols dissectors. The whole changelog can be found below. Many thanks to all contributors! […]
Released nDPI 1.7
This is to announce the release of nDPI 1.7. In addition to many new/updated dissectors, the main change of this release is the ability to identify subprotocols. For instance a DNS request Facebook is not identified as DNS.Facebook (previously only Facebook). This is a great additions for apps that used nDPI to block protocols and […]
Using ntopng to Implement a WiFi Access Point with Layer 7 Traffic Enforcement
This post will teach you how to create a cheap WiFi access point able to enforce layer-7 application protocols. In order to do this you can use a cheap RaspberryPi or BeagleBoard with a USB WiFi stick, or use a x86 PC. The USB stick we use is the following # lsusb Bus […]