![]() Added HTTP virtual hosts support in HTML reports.Similarly added ability to dump traffic to disk in pcap format. too much traffic) on a tap interface and attach applications such as Wireshark/tcpdump to it. of a selected host) or when specific traffic conditions arise (e.g. Added ability to dump specific traffic (e.g.ntopng can now be queries via HTTP tools such as curl or wget with authentication enabled.Added ability to disable HTTP authentication (partially or fully).Added several fixes for enhancing security and preventing ntopng to be misused (from the security point of view).Fixed various bugs including a memory leak that was slowly exhausting memory.Added reports per AS, geo-location, network, HTTP servers.Various fixes to the historical network interface.Enhanced the ElasticSearch export facility to cope with latest additions such as host geolocation.Ability to work behind an HTTP reverse proxy.Added ability to generate a traffic report for all hosted HTTP servers (on local networks): ISPs can now create a hourly report of all the thousand of servers they are hosting.Added ability to fine-tune RRD configurations.Packaging for Intel, ARM and MIPS platforms.Ability to categorise malware (-c option) using the Google Safe Browsing API that replaces the block.si service present in ntopng 1.x.Integration of ntopng with nagios: you can now create nagios plugins to query ntopng and thus emit alerts based not traffic conditions.Alerts are now generated when ntopng detects a flooder or a network scanner (as well when accessing malware sites ).Improvements on OS detection of remote hosts.Ability to sniff from netfilter interfaces.You can now for instance generate traffic alerts when an interface has too much traffic or if a host has passed its daily traffic quota. Enhanced host alerts (including traffic quotas) and added interface alerts. ![]() ![]() Enhanced HTML code to render better on devices of various sizes.Added flow TCP traffic statistics (packets retransmitted, lost, and out of order).Added network latency in flows (server vs client network latency).Hardened the code to support mid/large organisations and high traffic volumes, as well for operating on hosts with little memory.nDPI is also used to drop application traffic in the professional noting edition. QUIC) and new versions of existing ones (e.g. Added support for the latest nDPI that includes support for various new protocols (e.g.Example ntopng -i eth1, -i eth2 -i view:eth1,eth2 Added ability to aggregate traffic from various network interfaces on the same interface view while keeping interface traffic split. ![]()
0 Comments
Leave a Reply. |