Ntopng : Web-based Traffic & Security Network Traffic Monitoring

Ntopng is a web-based network traffic monitoring application released under GPLv3. It is the new incarnation of the original ntop written in 1998, and now revamped in terms of performance, usability, and features.

If instead of source code you prefer to use a pre-built package, please go to http://packages.ntop.org

We build binary packages for the following platforms:

  • Ubuntu Linux Server x64
  • CentOS/RedHat Linux x64
  • Windows x64
  • RaspberryPI/BeagleBoard ARM (based on Ubuntu Linux)
  • Ubiquiti Networks EdgeRouter (MIPS)

Three versions of ntopng are available, namely Community, Professional and Enterprise. ntopng automatically switches to one of these three versions, depending on the presence of a license.


Features and comparisons of these three versions are available at https://www.ntop.org/products/traffic-analysis/ntop/.

The Community version does not need any license. The Professional and Enterprise versions require a license.

Licenses are per-server and are released according to the EULA (End User License Agreement). Each license is perpetual (i.e. it does not expire) and allows you to install updates for one year from the purchase/license issue date.

This means that a license generated on 1/1/2018 will be able to activate new versions of the software until 1/1/2019.

If you want to install new versions of the software released after that date, you need to renew the maintenance or avoid further updating the software.

For source-based ntopng you can refer to the GPL-v3 License.

ntopng licenses are generated using the orderId and email you provided when you purchased the license on https://shop.ntop.org/.

Main Features

  • Sort network traffic according to many criteria including IP address, port, L7 protocol, throughput, Autonomous Systems (ASs)
  • Show realtime network traffic and active hosts
  • Produce long-term reports for several network metrics including throughput and application protocols
  • Top talkers (senders/receivers), top ASs, top L7 applications
  • Monitor and report live throughput, network and application latencies, Round Trip Time (RTT), TCP statistics (retransmissions, out-of-order packets, packets lost), and bytes and packets transmitted
  • Store on disk persistent traffic statistics to allow future explorations and post-mortem analyses
  • Geolocate and overlay hosts in a geographical map
  • Discover application protocols (Facebook, YouTube, BitTorrent, etc.) by leveraging nDPI, ntop Deep Packet Inspection (DPI) technology
  • Characterise HTTP traffic by leveraging characterisation services provided by Google and HTTP Blacklist.
  • Analyse IP traffic and sort it according to the source/destination.
  • Report IP protocol usage sorted by protocol type
  • Produce HTML5/AJAX network traffic statistics.
  • Full support for IPv4 and IPv6
  • Full Layer-2 support (including ARP statistics)
  • GTP/GRE detunnelling
  • Support for MySQL, ElasticSearch and LogStash export of monitored data
  • Interactive historical exploration of monitored data exported to MySQL
  • Alerts engine to capture anomalous and suspicious hosts
  • SNMP v1/v2c support and continuous monitoring of SNMP devices.
R K
