Hi all after months of work, we announce the release of nDPI. What is nDPI? It's ntop-maintained superset of the popular OpenDPI library. Released under the GPL license, its goal is to extend the original library by adding new protocols that are otherwise available only on the paid version of OpenDPI. In addition we have modified nDPI do be more suitable for traffic monitoring applications, by disabling specific features that slow down the DPI engine while being them un-necessary for network traffic monitoring.
nDPI is used by both ntop and nProbe for adding application-layer detection of protocols, regardless of the port being used. This means that it is possible to both detect known protocols on non-standard ports (e.g. detect http non ports other than 80), and also the opposite (e.g. detect Skype traffic on port 80). This is because nowadays the concept of port=application no longer holds. We are continuously extending nDPI and so far the following protocols have been added with respect to the original library: - BitTorrent (extension) - FaceBook - Twitter - DropBox - Gmail - Google Maps - YouTube - Skype - Google (generic) - DCE RPC - NetFlow_IPFIX - sFlow - HTTP Connect - HTTP Proxy - Citrix - Netflix nDPI is automatically downloaded when you build ntop and nProbe. However nothing prevents you from using it as a standalone DPI library. The source code can be downloaded from the ntop SVN. More info can be found at the nDPI web page (http://www.ntop.org/products/ndpi/). I would encourage anyone out there to help us adding or enhancing new protocols. Enjoy Luca _______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
