@da_667 it is civilized to proxy that shit (it is the vast majority of the traffic, mostly) and use your own certs, should you proxy through yacy and spider every site you visit? should you use squid proxy to speed up browsing? those options are left to the reader - they all work and you can get reports - are most smb going to do lots of threat hunting probably not but they may go hybrid #unknown binary #ntopng #top talkers #comp intel #enumeration #attribution
@Rainer "friendica" Sokoll
#ntopng
Weia, ich hatte das zuerst gelesen als n_to_png, wobei ich mich fragte, wass denn „n“ für ein Bildformat sei …
Netzgemeinde/Hubzilla

Oh Mann, mein altes, graues Herz.
Ich spiele mit #ntopng rum und sehe stabil viel Traffic von meinem Server im Keller zu einer russischen v6-Adresse.
Mein Server hat aber keinen Grund, viele Daten nach Rußland zu schicken, dennoch tut er das.
tcpdump zeigt nur unlesbares Binär-Geraffel. Der Puls steigt. APT-Putin im Keller? Die Russen wollen meine Kohlen fressen? Und wieso läßt mein Router das durch? Eingehende Verbindungen, auch v6, werden doch weggeworfen?
Auflösung: #snowflake
❯ journalctl -u snowflake-proxy | tail -5 Apr 16 17:06:50 halde snowflake-proxy[1393035]: 2026/04/16 15:06:50 In the last 1h0m0s, there were 16 connections. Traffic Relayed ↑ 3539 KB, ↓ 1828 KB. Apr 16 18:06:50 halde snowflake-proxy[1393035]: 2026/04/16 16:06:50 In the last 1h0m0s, there were 23 connections. Traffic Relayed ↑ 86127 KB, ↓ 9898 KB. Apr 16 19:06:50 halde snowflake-proxy[1393035]: 2026/04/16 17:06:50 In the last 1h0m0s, there were 14 connections. Traffic Relayed ↑ 5697 KB, ↓ 311 KB. Apr 16 20:06:50 halde snowflake-proxy[1393035]: 2026/04/16 18:06:50 In the last 1h0m0s, there were 8 connections. Traffic Relayed ↑ 42374 KB, ↓ 131 KB. Apr 16 21:06:50 halde snowflake-proxy[1393035]: 2026/04/16 19:06:50 In the last 1h0m0s, there were 72 connections. Traffic Relayed ↑ 39725 KB, ↓ 4300 KB. ❯
Das hatte ich völlig vergessen. Dann ist ja alles gut, Putin ärgert sich und ich freue mich, vielleicht ein paar Russen freies internet gegeben zu haben.
I’ve just tested #ntopng on my FreeBSD router, for about an hour. It’s a really great software. Unfortunately it consumes much more CPU than I’m willing to spend for that job, so I’ll probably uninstall.
A great discovery nonetheless.

Since my #librenms was a complete failure.
Only got partial success on #NixOS
#Debian was a nogo

i found #ntopng
Presents all sorts of cool stats
And it doesn't blow my memory budget on my NixOS gateway/ firewall

Are there any more tools that are worth checking out?

#opnsense migration: Complete.

The preparation legwork made lots of things easier, but even once swapped I realized I had about 5% of it wrong.

I also still had a #virtualip in the config from the first hour of having it running when I was trying to migrate away from my VIPs in a #fortigate, which are a TOTALLY different thing.

NAT Reflection eluded me for a good hour, but all the VLANs behave, #kea DHCP seems to be all up and running and #ntopNG is much nicer than some of the built in systems of #fortinet.

#IDS feels innately trickier than before but pros and cons.

[OPNsense] Web UI inaccessible over IPv6 · Issue #9817 · ntop/ntopng

Environment: OS name: OPNsense OS version: 25.7 Architecture: amd64 ntopng version/revision: Community v.6.4.251106 rev.0 (FreeBSD 14.3) What happened: ntopng web interface is inaccessible via the ...

GitHub

Sehr schön: Mein #Mikrotik schreibt jetzt #Netflow zu #ntopng.
Next step: die Daten weiter zu #Grafana schieben.

#Hashtaggalore

I installed #ntopng on my #pihole box (b/c shared db) and, in about an hour, things completely blew-up

I also changed who hands out DHCP addresses from the router to the pihole, so that may have added some additional load

Didn't take long for my nameservices to come to a grinding halt; ntopng had became a runaway and exhausted CPU and RAM resources as load went through the roof - I had to stop & disable ntopng and allow the system to cool

I checked my hardware on various #pi ❤️ boards I have in dedicated services and was stunned to see that pi-hole had been happily chugging along, all this time, on a pi2b1

Nice.