ntopng

Developer(s) Luca Deri
Written in C++, Lua
Platform Cross-platform, including Unix, Linux and Microsoft Windows
Available in English
Type Network analyzer
License GPLv3
Website http://www.ntop.org

ntopng is an open-source network traffic monitor. It is designed to be a high-performance, low-resource replacement for ntop. The name is derived from "ntop next generation." ntopng is released under the GPLv3 software license, and is available for Unix, Linux, BSD, Mac OS X, and Windows. Binaries are available for CentOS, Ubuntu, and Mac OS X. A Windows demo binary is available that limits analysis to 2,000 packets. The engine is written in C++, and the optional web interface is written in Lua.

ntopng relies on the Redis key-value server rather than a traditional database, takes advantage of nDPI for protocol detection, supports geolocation of hosts, and is able to display real-time flow analysis for connected hosts.

Sample usage

ntopng --dns-mode 1 --interface 5 --daemon --redis localhost:6379 --verbose

Explanation: run the ntopng executable, set the DNS mode to decode DNS responses and resolve all numeric IPs, use the fifth network interface, operate in daemon mode, use the Redis server running on the local host, and operate in verbose mode.
