New Directions in Network Traffic Security: Homework for 2020

Posted · Add Comment

Summary With today’s traffic, most network IDSs (NIDS) have severe limitations in terms of visibility and ability to be easily circumvented by malware (for instance running a known service on a non-default port or the other way round), and thus need to be used together with traffic analysis applications to produce a comprehensive view of […]

Do You Know What Hackers Hide in SSL/TLS?

Posted · Add Comment

ntop believes that the future of traffic monitoring and network security will be played by the ability to inspect the behaviour of encrypted communications. It is fortunate that Sam Bocetta accepted to talk about encryption. Sam is a freelance journalist specializing in US diplomacy and national security, with emphasis on technology trends in cyberwarfare, cyberdefense, […]

System-Introspected Network and Container Visibility: A Quick Start Guide

Posted · Add Comment

Recently, we have introduced the concept of network and container visibility through system introspection and also demonstrated its feasibility with an opensource library libebpfflow. In other words, by leveraging certain functionalities of the linux operating system, we are able to detect, count and measure the network activity that is taking place on a certain host. […]

Introducing nProbe Agent: Packetless, System-Introspected Network Visibility

Posted · Add Comment

A few months ago at FOSDEM we introduced the concept of network and container visibility through system introspection and we released an opensource library based on eBPF that can be used for this scope. Based on this technology, we created a lightweight probe, nProbe™ Agent (formerly known ad nProbe mini), able to detect, count and measure all network activities […]

ntopConf 2019 Retrospective

Posted · Add Comment

On May 8-9th we have organised our yearly event, in Padova, Italy. The first day was dedicated to training and the second day to the conference. Overall about 150 people attended the event, and we’re glad of it. Our gratitude goes to the speakers, Wintech that took care of logistics, and to all those that […]

Monitoring Containerised Application Environments with eBPF

Posted · Add Comment

Earlier this week ntop and InfluxData held a joint webinar about monitoring containerised applications. We have discussed solution for monitoring both legacy (e.g. non-containerised) and containerised applications, what are the technologies we can use. As most of you know, we have developed libebpfflow that is an open source library for generating IPFIX-like flows not using packets but […]

Cento 1.6 Stable Just Released

Posted · Add Comment

After more than one year since the latest stable release, we are glad to announce cento 1.6-stable. This new release brings stability, fixes and several new features. Among the new features, it is worth mentioning that: Flows can be exported in a standardized JSON to text files. By default, a user cento runs and owns […]