6/13/2023

Mikrotik to ntopng

If your logs are so full of useless information, finding a real problem becomes a real problem for the small WISP operator. The sheer verbosity of the IDS platform can often be overwhelming.

But what if there was a better way, a different way, another way? There is.

Click here to view NTOP's PDF on how to use ntopng to help augment and find security issues in your netflows.

Don't get me wrong – we are not suggesting you abandon an IDS platform, just suggesting you augment it. ntopng does the packet capture itself; to receive flow data it depends on nProbe, a NetFlow/IPFIX exporter/collector.

The folks over at NTOP believe that it is possible to use network traffic monitoring tools like ntopng to spot many security issues that would make an IDS too complex/heavy to use (if possible at all). We wholeheartedly agree! Far too often the IDS platforms will tag simple traffic such as a ping or tracert as a potential security risk, and these happen all the time, all day long.

ntopng is an open-source web-based traffic analysis tool that does passive network monitoring based on flow data and statistics extracted from observed traffic.

While we believe that they are good solutions, we have a different opinion on this subject: far too often IDSs are not the best tool. And while many try to find that best tool, it is the opinion of our Connectivity Engineers and WISP Consultants that more than one tool is necessary. It is not an either/or, but rather a matter of using more of the tools at your disposal.

Many WISPs utilize pfSense, the project that Chris Buechler (now with Ubiquiti Networks) helped write and start, as it makes the Suricata setup as easy as clicking a mouse and waiting a few minutes.

Docker Compose is used to analyze traffic from a MikroTik router as described in the.

Most security-oriented traffic analysts rely on Intrusion Detection Systems such as Bro or Suricata for network security.

This is a rewrite, mainly to gear the post towards the Fixed Broadband Wireless industry. If you are not already following the nTop blog, you should start.