Web-based network traffic monitoring
http://www.ntop.org/
ntopng is a web-based network traffic monitoring application released under GPLv3.
It is the new incarnation of the original ntop written in 1998, and now revamped
in terms of performance, usability, and features.
Derived packages: 2

Checkout Package
osc -A https://api.opensuse.org checkout server:monitoring/ntopng && cd $_
Source Files
Filename | Size | Changed |
---|---|---|
001-Enable-building-against-the-dynamic-libndpi-li | 582 Bytes | |
README.SUSE | 1.2 KB | |
ntopng-5.0.tar.gz | 55.3 MB | |
ntopng-rpmlintrc | 223 Bytes | |
ntopng-user.conf | 72 Bytes | |
ntopng.changes | 8.87 KB | |
ntopng.service | 310 Bytes | |
ntopng.spec | 5.08 KB | |
ntopng.target | 53 Bytes | |
ntopng@.service | 312 Bytes | |
Latest Revision
Dirk Stoecker (dstoecker) accepted request 913620 from Martin Hauke (mnhauke) (revision 8)
- Update to version 5.0
  Breakthroughs
  * Advanced alerts engine with security features, including the
    detection of attackers and victims.
    + Integration of 30+ nDPI security risks.
    + Generation of the score indicator of compromise for hosts,
      interfaces and other network elements.
  * Ability to collect flows from hundredths of routers by means of
    observation points.
  * Anomaly detection based on Double Exponential Smoothing (DES) to
    uncover possibly suspicious behaviors in the traffic and in the
    score.
  * Encrypted Traffic Analysis (ETA) with special emphasis on the TLS
    to uncover self-signed, expired, invalid certificates and other
    issues.
  New features
  * Ability to configure alert exclusions for individual hosts to
    mitigate false positives.
  * Ability to see the TX/RX traffic breakdown both for physical
    interfaces and when receiving traffic from nProbe.
  * Add support for ECS when exporting to Syslog.
  * Improved TCP analysis, including analysis of TCP flows with zero
    window and low goodput.
  * Ability to send alerts to Slack.
  * Implementation of a token-based REST API access.
  Improvements
  * Reworked the execution of hosts and flows checks (formerly user
    scripts), yielding a reduced CPU load of about 50%.
  * Improved 100Kfps+ NetFlow/sFlow collection performance.
  * Drilldown of nIndex historical flows much more flexible.