FastNetMon
ntopng
Our great sponsors
FastNetMon | ntopng | |
---|---|---|
8 | 30 | |
3,333 | 5,908 | |
- | 1.9% | |
8.9 | 10.0 | |
25 days ago | 7 days ago | |
C++ | Lua | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
FastNetMon
- Versatile open source toolkit to detect volumetric DDoS attacks
-
A DDoS attack with unknown scr and dst port.
If you have a BGP peering with you ISP/upstream provider, ask them if they have a blackhole community you can broadcast to. Usually they are ASN:666. The only downside is you would only be able to advertise your IP address to that, essentially killing your internet (if that's your only IP) as long as the block is up. We usually set our filter to 15 minutes and most attackers give up after that. At this level, you probably would have your own ASN with a small range and could potentially use something like FastNetMon (https://fastnetmon.com) to automatically advertise and remove IPs from the community.
-
Processing netwflow data
Have you looked at fastnetmon ? It's freemium and It looks like the commercial version would work you, but I think the community edition is aslo worth a look. It's primary function is to detect DDOS attacks, but it can export data in ways that might be useful to you.
- Got shaken down today.
- FastNetMon – DDoS Sensor with SFlow/Netflow/Ipfix/Span Support
-
WAN Attacks is it just whack-a-mole?
To mitigate DoS attacks means you need information - preferably before the users start screaming. Running sampling on your edge router with something like Fastnetmon will give you alerting of a probable DDoS attack before it becomes a significant problem.
-
fastnetmon notify_about_attack.sh question
notify_about_attack.sh https://github.com/pavel-odintsov/fastnetmon/blob/master/src/notify_about_attack.sh
- nfsen vs fastnetmon for sFlow and DDoS monitoring
ntopng
-
How to trace URLs using Mikrotik router?
and use software: https://www.ntop.org/
- [Opnsensefirewall] Maxmind Geolocation in Ntopng (pas de package ntopng-data à installer?)
- Current download/upload speed per device
- Ntopng: Web-Based Traffic and Security Network Traffic Monitoring
-
Is there a simple bandwidth monitor with/for OPNsense?
InfluxDB 2.0 Support (ntopng github)
-
NTOP – Linux “top” for Node.js part 2, now working directly from CLI-only
For what it's worth, there used to be a package in many Linux repositories called "ntop" [1] but became less popular when they went commercial. There is still a community version but I have no idea how popular it is any more. It was quite popular prior to projects like PiHole. Perhaps the older ntop has fallen out of favor so maybe there won't be any confusion.
[1] - https://www.ntop.org/
-
Can't access Jellyfin from outside of local network
Have you seen https://github.com/ntop/ntopng?
-
What Open Source Projects Do You Use In Your District?
NTOP -- Traffic Analysis.
-
easiest way to see monthly data usage?
One of the comments suggests using a managed switch that supports port mirroring, and installing a Flow collector on the connected system. Google netflow collector for software options. Something like ntop may work. See... HowTo Monitor Traffic in SMEs and Home Networks: A Primer
-
OPNSense 22.7.4 - ntopng with GeoIP support
What can I do to implement GeoIP support into ntopng? The instructions I found on the internet (e.g. https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md) did not seem to fit the case.
What are some alternatives?
ElastiFlow - Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack
pmacct - pmacct is a small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP RPKI IGP Streaming Telemetry].
nfdump - Netflow processing tools
samplicator - Send copies of (UDP) datagrams to multiple receivers, with optional sampling and spoofing
softflowd - softflowd: A flow-based network traffic analyser capable of Cisco NetFlow data export software.
Mikrotik-RouterOS-automatic-backup-and-update - Script sends backups to email and keep your mikrotik firmware up to date.
LibreNMS - Community-based GPL-licensed network monitoring system
ntopng-udm - ntopng Docker image for the UDM base and UDM pro
vFlow - Enterprise Network Flow Collector (IPFIX, sFlow, Netflow)
graylog - Free and open log management