ntop

ntop

Lessons learnt at #SharkFest15

Last week we gave a couple of presentations at SharkFest 2015, introducing ntopng to the Wireshark community. The most interesting part was the feedback from those who attended the talks and commented on “how to integrate ntopng with Wireshark”. My personal conclusion is that the best way of doing this is to turn ntopng into a pre-processor for Wireshark; namely, use ntopng to permanently monitor a network, detect anomalies, and then analyse them with Wireshark. In fact a packet sniffer cannot be used as a permanent …
ntop

Do you want to work for ntop?

As ntop software is increasing in popularity, we need help supporting our users and working on new developments. Therefore we are looking for someone to join our development team, help us, and assist the user community.
Job Description: We are looking for a candidate located in Italy or in a similar time zone (CET) willing to work remotely or (better) at our main location in Pisa. We offer semi-flexible working hours with a set of time to be allocated every day Mon-Fri during standard working hours (9 AM …
ntop

ntopng Deep Dive: Interview with Ivan Pepelnjak

Last month Ivan Pepelnjak interviewed me on Software Gone Wild about ntop and ntopng. The main topics of the interview were:
- How it all started and why did Luca decide to start the ntop (and PF_RING) project?
- What is ntopng (next-generation ntop) and why did they rewrite the product?
- What are nprobe and nbox?
- The distributed architecture of ntopng, including probes, data sources, collectors, and the central analyzing engine;
- Combining ntop and Elasticsearch;
- Why does it make sense to convert all data into JSON format?
- What are the problems of …
ntop

Introducing ntopng 1.2

ntopng 1.2 is the result of 10 months of work. We have tried both to introduce new features and to make the product more robust, easy to use, and modern. The result is a simple tool with a refreshed GUI, user preferences, and new reports to display data in new ways. Leveraging the multi-interface support, ntopng (unless a specific interface is specified) listens on all network interfaces, so that you do not have to play with the command line to move from one interface to another. All the tables are …
ntop

Mini-Tutorial: Fresh Install of ntopng on CentOS 7

IMPORTANT: This post contains outdated information. See README.compilation for updated instructions.
This is how to compile ntopng on a fresh CentOS 7 x64 installation.
For the impatient:
    # yum install -y subversion autoconf automake make gcc libpcap-devel libxml2-devel sqlite-devel libtool glib2-devel gcc-c++
    $ svn co https://svn.ntop.org/svn/ntop/trunk/ntopng
    $ ./autogen.sh
    $ ./configure
    $ make
    $ ./ntopng --help
    ntopng x86_64 v.1.1.4 (r7865) - (C) 1998-14 ntop.org
    <snip>
Step by step description
Pull the source code from the ntop svn repository. To do this, you first need to install subversion using yum as follows $ …
nProbe

Running nProbe and ntopng on Ubiquiti EdgeRouter Lite

On this blog we have already discussed how to compile and run ntopng and nProbe on a BeagleBoard and Raspberry Pi. Now we explain (courtesy of Shane Graham) how to achieve the same on a Ubiquiti EdgeRouter Lite, a cheap yet powerful router. First, set up the proper Debian repository:
    configure
    set system package repository squeeze components 'main contrib non-free'
    set system package repository squeeze distribution squeeze
    set system package repository squeeze url http://http.us.debian.org/debian
    set system package repository squeeze-security components main
    set system package repository squeeze-security distribution squeeze/updates
    set system package repository …
ntop

Upcoming ntop meetings: Nürnberg, Luxembourg, Pisa, Milano.

Next week is going to be a busy week for us, as we (Luca and Alfredo) will be making a short tour of Europe to present ntopng and the latest ntop apps.
- October 23rd, Open Source Network Conference, Nürnberg, Germany.
- October 24-25th, Hack.Lu and Suricata Team, Luxembourg City, Luxembourg.
- October 26th, Linux Day 2013, Pisa, Italy.
- October 29th, Open Source Conference 2013, Milano, Italy.
We would like to meet ntop users and hear their feedback, criticism and suggestions. See you next week! …
ntop

It’s time for a completely new ntop. Say hello to ntopng.

15 years have passed since the first version of ntop. In 1998 network monitoring requirements were very different from today: few protocols (mostly in plain text) to monitor, IP was not yet “the only protocol”, low network speed, very few connected hosts, no iPhones yet, raspberry was still a fruit, Linux was still for geeks. In 2013 the whole picture is very different. One gigabit links are now commodity (10 Gbit is around the corner), (too?) many hosts interconnected and mobile, application protocols (e.g. Spotify or Skype) are “the” protocols …
n2disk

How to build yourself an nBox Probe and Packet Recorder

If you need a network probe or a packet recorder you have two options: grab a turn-key nBox or build it yourself using our software. In the first case you will receive an optimised system, with the right motherboard/CPU/NIC for your monitoring tasks and all software preinstalled/configured. However, if you want to build your nBox yourself (e.g. you can reuse an old/spare server or get a new one if you plan to address 10 Gbit monitoring) you can now do it. Below we will describe how to build it step by …
Announce

Introducing nBox 2.0 (aka how to use/configure ntop apps using a web GUI)

Years ago we decided to create the nBox appliance as a turn-key solution for those who were not fans of the command line. Then we decided to rewrite the nBox GUI to make it simpler, more modern, and usable by all ntop users, to configure ntop, nProbe, n2disk, PF_RING and DNA. In essence we have created a new web interface that can simplify your configurations, assist with complex things such as core affinity or DNA configuration, and let you focus on ntop applications rather than on their configuration. You can download …
nProbe

Monitoring on the MicroCloud

When I started to develop ntop in 1998, it was clear to me that the network was a huge, volatile (or semi-persistent if you wish), constantly changing database. In ntop this database is implemented in memory, where for each received packet, ntop updates the hosts, protocols, sessions, packet size… tables. The web interface is yet another way to view the database contents. In order not to exhaust all the available resources (memory in primis), the ntop memory database periodically purges data that is no longer accessed …