ntopng
 | |
| Developer(s) | Luca Deri |
|---|---|
| Written in | C++, Lua |
| Platform | Cross-platform,including Unix, Linux and Microsoft Windows |
| Available in | English |
| Type | Network analyzer |
| License | GPLv3 |
| Website | http://www.ntop.org |
"ntopng" is an open-source network traffic monitor. It is designed to be a high-performance, low-resource replacement for ntop. The name is derived from "ntop next generation." ntopng is released under the GPLv3 software license, and is available for Unix, Linux, BSD, Mac OS X, and Windows. Binaries are available for CentOS, Ubuntu, and Mac OS X. A Windows demo binary is available that limits analysis to 2,000 packets. The engine is written in C++, and the optional web interface is written in Lua.
ntopng relies on the Redis key-value server rather than a traditional database, takes advantage of nDPI for protocol detection, supports geolocation of hosts, and is able to display real-time flow analysis for connected hosts.
Sample usage
ntopng --dns-mode 1 --interface 5 --daemon --redis localhost:6379 --verbose
Explanation: run ntopng executable, set DNS mode to decode DNS responses and resolve all numeric IPs, use fifth network interface, operate in daemon mode, use Redis server running on local host, and operate in verbose mode.