For a long time out MacOS users asked a native ntopng package. Even though we use MacOS and Linux to develop our tools, we didn’t consider important to revamp the MacOS installer (ntopng 1.x has a native MacOS installer) as … Continue reading
Extending ntopng by Means of Plugins: A Step-by-Step Tutorial
ntopng v4 has introduced the concept of plugins that are short scripts written in Lua. They allow people to code ntopng extensions for triggering alerts when specific conditions are met, or extend the engine by adding new external data feeds. … Continue reading
Say Hello To ntopng 4.0: Cybersecurity, Scripting… and a New User Interface
After over one year of work, we’re proud to announce you that ntopng 4.0 is finally out. In this time we have redesigned ntopng for speed and openness, by breaking apart the existing monolithic C++ engine into a Lua-scriptable micro-engine. … Continue reading
Securing Flow Collection Using Data Encryption
NetFlow/IPFIX specifications have not considered privacy and confidentiality important. Exported flows are sent over unencrypted channels that prevent them to be exchanged on public networks unless techniques such as VPNs are used. Today encryption is no longer an option, and … Continue reading
How We Managed to Turn ntopng Into a Cybersecurity Tool
Last year you have read how we have integrated Suricata support into ntopng. While an IDS is a good source of data, it is just a sensor, how has no knowledge of the big network picture including the network overview, … Continue reading
Towards ntopng v4: New User Interface Featuring Dark Theme
This February we’ll introduce ntopng v4 and we’re starting to write some blog posts to preview the new features. Let’s start with the user interface. Since v1 the UI has always been the same. People however asked us some more … Continue reading
Introducing Automatic Package Update in ntopng
One of the most useful features in applications, is the ability to Update the application with a matter of click with no need to move to the terminal console. Instruct the system to update the application as a new version … Continue reading
Exploring Physical Network Topologies Using ntopng
ntop tools are known for monitoring network traffic. However this traffic has to flow on physical networks and thus it is important to understand the physical network layout. LLDP (Link Layer Discovery Protocol) is a network protocol used to dynamically … Continue reading
Spotting Plaintext Information in Network Protocols
In short: encryption does not always mean that all the information exchanged is really encrypted. Another myth is that many people believe that the equation “encryption = security” holds. Unfortunately this is not true. This slide deck we presented at Sharkfest … Continue reading
ntopng & Suricata: Unifying Visibility with Security
This week we have presented at Suricon 2019 our work about unifying ntopng with Suricata. In short: Suricata is a great tool for analysing individual flows but It lacks a GUI It is blind to security threats when they use … Continue reading