Websockets Are Here
Adobe Flash is one of the original sins. It is everywhere and yet it is a huge security risk. Websockets is an HTML5 standard that, for us, provided an alternative to Adobe Flash.
For now we support both. The browser will try to use Adobe Flash first, and if it is not present or it is disabled, it will try using Websockets (which are hard-coded in your Browser). I you want to keep using Adobe Flash, you do not have to do anything; things should keep working as before.
If your sensors are configured as clients, and you do not want to use Flash anymore, just disable it and the Browser will do the rest. You will be using MetaFlows SSL certificate.
If your sensors are configured as servers, and you do not want to use Flash anymore, well, it’s a bit of work to use Websockets because current Browser implementations do not allow self-signed SSL certificates (this is probably a good thing). To use Websockets on sensors configured as servers:
- Add your sensors’ static IPs to the DNS (like: <sensorname1>@mydomain.com)
- Generate a valid SSL certificates that matches the DNS name in step 1 (cannot be self-signed). If you do not want to generate a separate certificate for each sensor, you can also buy a *.mysensordomain.com certificate to share by all your sensors.
- Bundle the certificates with the command:
# cat my_certificate.crt my_certificate.key bundle_certificate.crt > sensorcert
- Copy sensorcert to /usr/local/etc/ntop/sensor-server.pem on your sensors’ hard disk.
- Go to nsm.metaflows.com and replace the static IP address of your sensors as a server with the names you setup in step 1
- Make sure your browser can reach the sensors on ports 3009 and 3010
- Restart your sensors as a server with the command:
Adding Websockets support was a fairly extensive change in our system; so there could still be some issues. As always feel free to contact us if you have any questions or you see any problems.
Thank you for exploring the unknown with us!
The MetaFlows Team.