ntopng | A mirror of ntopng

by xtao JavaScript Version: Current License: GPL-3.0

X-Ray Key Features Code Snippets Community Discussions(5)Vulnerabilities Install Support

kandi X-RAY | ntopng Summary

ntopng is a JavaScript library. ntopng has no bugs, it has a Strong Copyleft License and it has low support. However ntopng has 8 vulnerabilities. You can download it from GitHub.

ntopng

Support

Quality

Security

License

Reuse

Support

ntopng has a low active ecosystem.

It has 20 star(s) with 6 fork(s). There are 7 watchers for this library.

It had no major release in the last 6 months.

There are 1 open issues and 0 have been closed. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of ntopng is current.

Quality

ntopng has no bugs reported.

Security

ntopng has 8 vulnerability issues reported (0 critical, 4 high, 4 medium, 0 low).

License

ntopng is licensed under the GPL-3.0 License. This license is Strong Copyleft.

Strong Copyleft licenses enforce sharing, and you can use them when creating open source projects.

Reuse

ntopng releases are not available. You will need to build from source code and install.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of ntopng

Get all kandi verified functions for this library.

ntopng Key Features

No Key Features are available at this moment for ntopng.

ntopng Examples and Code Snippets

No Code Snippets are available at this moment for ntopng.

Community Discussions

Trending Discussions on ntopng

Tuning logstash performance

genre syntax didn't return classification data

Match_phrase isn’t precise

integration of ntopng on aws centos

Elasticsearch [bool] malformed query, expected [END_OBJECT] but found [FIELD_NAME]

QUESTION

Tuning logstash performance

Asked 2018-Jan-06 at 11:41

I use logstash to connect between elasticsearch and ntopng(a flow collector). but there are many drop flows, so I think the bottle neck is on logstash because my RAM is 20G and CPU 8 cores. But I am not sure which parameter could I edit to tune the logstash in the logstash.yml

thank you in advance!

...

ANSWER

Answered 2018-Jan-06 at 11:41

It seems like one step of working out a solution to your problem is to supply decent Logstash monitoring. One good way to achieve this is by installing X-Pack which provides Logstash monitoring in the X-Pack monitoring ui in Kibana.

Please refer to https://www.elastic.co/guide/en/logstash/6.1/logstash-monitoring-ui.html for more information about the Logstash monitoring ui and https://www.elastic.co/guide/en/logstash/6.1/installing-xpack-log.html for information on how to install and configure X-Pack for Logstash.

Apart from Logstash monitoring, you should of course also monitor the used resources on the systems you are running Logstash on. There are several ways to do this, for example with active monitoring solutions, such as Nagios, our passive monitoring solutions such as Elasticsearch with Metricbeat.

Once you know what the bottleneck is, you can go through https://www.elastic.co/guide/en/logstash/6.1/performance-troubleshooting.html and tune Logstash settings or if necessary add more Logstash instances for distributing load.

Source https://stackoverflow.com/questions/48110609

QUESTION

genre syntax didn't return classification data

Asked 2018-Jan-04 at 04:52

AS title my data index is: "ntopng-2018.01.02"

this is my REST API:

...

ANSWER

Answered 2018-Jan-03 at 16:55

ok. I found that's old ES version problem. I can't use the genre syntax to query and return correct result if the index isn't "logstash-*". but after I update to the newest 6.1.1 version, and it can run now!

Source https://stackoverflow.com/questions/48079255

QUESTION

Match_phrase isn’t precise

Asked 2017-Dec-30 at 08:44

this is my REST API:

...

ANSWER

Answered 2017-Dec-30 at 08:44

You should map your IP fields using the ip data type

Source https://stackoverflow.com/questions/48032095

QUESTION

integration of ntopng on aws centos

Asked 2017-Oct-18 at 15:47

I am trying to run ntopng on an AWS instance (centos) to monitor my local network So my questions are:

How to connect my local network to aws ntopng located in aws instance.
how to integrate n2disk, nprobe cento and ntopng together.

...

ANSWER

Answered 2017-Oct-18 at 15:47

You have two issues: 1) Connecting an Amazon VPC to your local network 2) snooping on network traffic.

You can setup a VPN to connect your networks together. Consider using OpenSwan or Windows Server setup on each side of the network.

Network Snooping: This is not possible in Amazon VPCs. Network interfaces cannot be put into promiscuous mode. Also, this is FORBIDDEN by Amazon policies.

Note: You can monitor your own traffic using VPC Flowlogs. This will show you higher level packet information, but will not include the data portion.

Source https://stackoverflow.com/questions/46809341

QUESTION

Elasticsearch [bool] malformed query, expected [END_OBJECT] but found [FIELD_NAME]

Asked 2017-Aug-03 at 09:31

I have some problem with the elasticsearch query. when I use the query code it feedback the messages [bool] malformed query, expected [END_OBJECT] but found [FIELD_NAME].

...

ANSWER

Answered 2017-Aug-03 at 09:31

aggs is misplaced. Try this:

Source https://stackoverflow.com/questions/45479698

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

CVE-2014-4329 MEDIUM

Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote attackers to inject arbitrary web script or HTML via the host parameter.

https://svn.ntop.org/bugzilla/show_bug.cgi?id=379

http://www.securityfocus.com/bid/66456

http://www.ntop.org/ndpi/released-ndpi-1-5-1-and-ntopng-1-2-1/

http://packetstormsecurity.com/files/127329/Ntop-NG-1.1-Cross-Site-Scripting.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/92135

CVE-2014-5464 MEDIUM

Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka ntop) before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.

http://seclists.org/fulldisclosure/2014/Sep/22

http://secunia.com/advisories/60096

http://www.exploit-db.com/exploits/34419

http://www.securityfocus.com/bid/69385

http://packetstormsecurity.com/files/127995/ntopng-1.2.0-Cross-Site-Scripting.html

http://osvdb.org/show/osvdb/110437

http://seclists.org/fulldisclosure/2014/Aug/65

http://seclists.org/fulldisclosure/2014/Sep/28

http://www.ntop.org/ndpi/released-ndpi-1-5-1-and-ntopng-1-2-1/

https://exchange.xforce.ibmcloud.com/vulnerabilities/95461

http://www.securityfocus.com/archive/1/533332/100/0/threaded

http://www.securityfocus.com/archive/1/533222/100/0/threaded

CVE-2015-8368 MEDIUM

ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.

http://seclists.org/fulldisclosure/2015/Dec/10

http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html

https://www.exploit-db.com/exploits/38836/

CVE-2017-5473 HIGH

Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua.

https://github.com/ntop/ntopng/commit/f91fbe3d94c8346884271838ae3406ae633f6f15

https://github.com/ntop/ntopng/commit/1b2ceac8f578a246af6351c4f476e3102cdf21b3

http://www.securityfocus.com/bid/95654

https://www.exploit-db.com/exploits/41141/

CVE-2017-7416 MEDIUM

ntopng before 3.0 allows XSS because GET and POST parameters are improperly validated.

https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md

CVE-2017-7459 HIGH

ntopng before 3.0 allows HTTP Response Splitting.

https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md

CVE-2017-7458 HIGH

The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address.

https://github.com/ntop/ntopng/commit/01f47e04fd7c8d54399c9e465f823f0017069f8f

https://github.com/ntop/ntopng/blob/3.0/CHANGELOG.md

CVE-2018-12520 HIGH

An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and standard library in use by the host running the service and the username of the user whose session they're targeting can abuse the deterministic random number generation in order to hijack the user's session, thus escalating their access.

https://github.com/ntop/ntopng/commit/30610bda60cbfc058f90a1c0a17d0e8f4516221a

https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f

http://seclists.org/fulldisclosure/2018/Jul/14

https://www.exploit-db.com/exploits/44973/

Install ntopng

You can download it from GitHub.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: