IDS mailing list archives
RE: generating a network map
From: "Raffael Marty" <raffy () raffy ch>
Date: Mon, 20 Jun 2005 19:00:23 -0400 (EDT)
Given that you'll now have a OS to IP map of the network, you in essence have a non-visual network topology. If pictures are important, you could manually construct the network diagram or write a PERL script to do it for you (as per the suggestion from Nathan Einwechter). Sounds almost like a new spin on Cheops...
If this is what you want, I am working on a tool called AfterGlow that = takes csv input and visualizes it. Along with the tool I also released a = tcpdump parser that lets you process a pcap file and generate a graph = from it. I am going to give a talk at DefCon this year about what you = can do with the tool and how to use it...=20 I am currently updating the tool, but check the cvs for the latest = release (afterglow.sourceforge.net). -raffy -- Raffael Marty, GCIA, CISSP raffael.marty () arcsight com Senior Security Engineer Content Team @ ArcSight Inc. 5 Results Way Cupertino, CA 95014 (408) 864-2662 -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- RE: generating a network map Raffael Marty (Jun 20)