RE: generating a network map

["Steve A" <pen.test.mail () logicallysecure org>]

Talha

It depends if you are trying to generate a map from captured data or
want to generate a map from new/scratch. 

I notice several contributors have mentioned CHEOPS, however in my
experience it is very noisy (in terms of network traffic), frequently
locks up (probably because it is getting rather old and is not supported
(inc CHEOPS-NG) and possible most importantly does not scale well above
50 machines (ie the map does not get any bigger and all you get is rows
and rows of icons).  

If you want to do it manually, and on a budget, try Friendly Pinger /
Friendly Net viewer, both from http://www.kilievich.com/, they do have a
discovery function.  We use Friendly Pinger on tests as the tester
builds his net map slowly and he can paste nmap scans into each PCs
notes.  Additionally, the software pings each host every minute so you
know if it has gone down (user configurable alerts).

Alternatively, try the sourcefire IDS products (specifically the RNA
Sensor) as these map a network by monitoring the traffic between hosts -
they are completely passive and the 3d maps they create are ACE, and the
data you can extract is both real and exceptionally detailed.

Steve A

steve<at>logicallysecure.org



-----Original Message-----
From: Talha [mailto:tt83x () yahoo com] 
Sent: 18 June 2005 06:31
To: pen-test () securityfocus com
Subject: generating a network map


Hello there,
I am looking for a software that can generate or
reconstruct a network topology from raw data obtained
from live network capturing or offline tcpdump capture
files. 

Also if theres any utility (preferably open source)
than can generate a network map from nmap logs.

any help will be highly appreciated


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com