Deep Packet Inspection
Identify applications and categories
Last updated
Identify applications and categories
Last updated
NETCAP has support for using libprotoident (v2.0.14), to identify 45 application categories and 500+ applications and protocols!
The full list of supported protocols can be found here:
libprotoident is maintained by the WAND group, you can download and install the library here:
Furthermore nDPI (v3.0) can be used to identify 244 applications, they are listed here:
nDPI is mainted by ntop, and can be downloaded here:
The results from all heuristic engines (lPI, nDPI and go heuristics) get dedpulicated automatically. Future versions could create a certainity score based on the number of votes from different heuristics.
DPI is currently used to indicate which applications have been seen for which IPProfile, when using the DeviceProfile decoder.
Read more about DeviceProfiles here:
Device ProfilesNETCAPs DPI integration is currently only available on linux and macOS.