An Interactive Network Topology Visualization Tool with Visual Auditing Support



Similar documents
Lumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

NetCrunch 6. AdRem. Network Monitoring Server. Document. Monitor. Manage

RELEASE ANNOUNCEMENT Kaseya Network Discovery and Network Monitoring Version 1.0

NETWORK PENETRATION TESTING

CS2107 Introduction to Information and System Security (Slid. (Slide set 8)

A Biologically Inspired Approach to Network Vulnerability Identification

3D Tool 2.0 Quick Start Guide

Pwning Intranets with HTML5

Information Technology Career Field Pathways and Course Structure

An Introduction to Network Vulnerability Testing

Linux Network Security

Product comparison. GFI LanGuard 2014 vs. Microsoft Windows InTune (October 2013 Release)

Introduction to Laboratory Assignment 3 Vulnerability scanning with OpenVAS

Using IPM to Measure Network Performance

ALTIRIS TOPOLOGY VIEWER 6.0 PRODUCT GUIDE

Configuring SNMP Cisco and/or its affiliates. All rights reserved. 1

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

WHITE PAPER. An Introduction to Network- Vulnerability Testing

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

CARENET-SE. NOC Tools Review. Communication System Design Summer Project team. Champion Björn Pehrson Coach Hans Eriksson

Details. Some details on the core concepts:

Data Center Visualization Using Visio

SAS/GRAPH Network Visualization Workshop 2.1

Footprinting and Reconnaissance Tools

information security and its Describe what drives the need for information security.

Kerem Kocaer 2010/04/14

60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li

Detection of illegal gateways in protected networks

EXTRA. Vulnerability scanners are indispensable both VULNERABILITY SCANNER

Automate Key Network Compliance Tasks

Network Topology. White Paper

NETWORK SECURITY WITH OPENSOURCE FIREWALL

FOXBORO. I/A Series SOFTWARE Product Specifications. I/A Series Intelligent SCADA SCADA Platform PSS 21S-2M1 B3 OVERVIEW

Free Network Monitoring Software for Small Networks

During your session you will have access to the following lab configuration. CLIENT1 (Windows XP Workstation) /24

AdRem NetCrunch. Premium and Premium XE Editions. User s Guide. Version 6.x. Network Monitoring & Management System

NetBrain Workstation Professional Edition 2.3 Release notes

Network performance in virtual infrastructures

ARE YOU REALLY PCI DSS COMPLIANT? Case Studies of PCI DSS Failure! Jeff Foresman, PCI-QSA, CISSP Partner PONDURANCE

Integration Guide. Help Desk Authority, Perspective and sl

Advanced Network Monitoring ANM

Hierarchy and Tree Visualization

Hierarchical Data Visualization

Networking Basics for Automation Engineers

Information and Digital Technology

1 Log visualization at CNES (Part II)

AASTMT Acceptable Use Policy

Host Discovery with nmap

GUIDE TO INFORMATION SECURITY TESTING AND ASSESSMENT

Using Skybox Solutions to Achieve PCI Compliance

Additional Information: A link to the conference website is available at:

Automated Penetration Test

iviewer Monitoring Application for ipad, ipod, iphone and Android phones and tablets

Cisco Advanced Services for Network Security

WHITE PAPER OCTOBER CA Unified Infrastructure Management for Networks

Lab Diagramming Intranet Traffic Flows

WÜRTHPHOENIX NetEye Version 3

Lab Configuring Access Policies and DMZ Settings

Tools for penetration tests 1. Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus.

Vidi NMs Network Management

STAR-LAUNCH AND NETWORK DISCOVERY

CNE Network Assessment

Passive Vulnerability Detection

Evading Infrastructure Security Mohamed Bedewi Penetration Testing Consultant

Security visualisation

Network Management Deployment Guide

Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.

Best Practices for IP Node Monitoring

74% 96 Action Items. Compliance

Looking for Trouble: ICMP and IP Statistics to Watch

Using the Cisco OnPlus Scanner to Discover Your Network

How To Use A Help Desk With A Pnettrap On A Pc Or Mac Or Mac (For A Laptop)

Vulnerability Assessment and Penetration Testing. CC Faculty ALTTC, Ghaziabad

CompTIA Exam N CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ]

Firewall Change Management

Chapter 11 Cloud Application Development

Getting Started with PRTG Network Monitor 2012 Paessler AG

Lab Developing ACLs to Implement Firewall Rule Sets

Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Visualize, Document & Keep Your Network Running!

iscsi Security (Insecure SCSI) Presenter: Himanshu Dwivedi

Auditing the LAN with Network Discovery

Tk20 Network Infrastructure


Lab Diagramming External Traffic Flows

Transcription:

An Interactive Network Topology Visualization Tool with Visual Auditing Support João Paulo S. Medeiros 1, Selan Rodrigues Santos 2 <joaomedeiros@dca.ufrn.br>, <selan@dimap.ufrn.br> 1 Department of Computer Engineering and Automation DCA 2 Department of Informatics and Applied Mathematics DIMAp Federal University of Rio Grande do Norte UFRN Frascati, Italy, Oct. 2008 João Paulo S. Medeiros p. 1

Agenda Introduction Motivation Requirements Related work Network Security Nmap Visualization Reference Model The Application Some Features Case Studies Final Considerations João Paulo S. Medeiros p. 2

Introduction Motivation Data retrieval and visualization is a challenge for large networks; Data presentation is generally textual; Information Visualization can be applied to network related data; These techniques can be used to provide an effective network topology representation. João Paulo S. Medeiros p. 3

Introduction Requirements A network visualization tool must... Be able to represents large networks (more than hundreds of nodes); Provide mechanisms to navigate the network topology and its data; Afford a simple and complete (all data) visual representation; Get rid of or offer solutions for data occlusion. João Paulo S. Medeiros p. 4

Introduction Related Work There are problems with existing network visualization tools: fe3d: the three-dimensional approach implies data occlusion; Nagios: the radial visualization is good, but it lacks features; Cheops-ng: it is not based on solid information visualization techniques. João Paulo S. Medeiros p. 5

Network Security Nmap Tool used to acquire network data. Features: Detect networks devices (routers, firewalls, wireless access points,...); Detect remote operating system (OS fingerprinting); Perform Ports scan and service discovery (FTP, DNS, HTTP,...); Discover Network topology(using Traceroute); Determine link latency and route disruption. João Paulo S. Medeiros p. 6

Visualization Reference Model (Stuart Card) Used reference model. João Paulo S. Medeiros p. 7

Visualization Reference Model (phases) Data Transformation Data tables organized in variable types; Visual Mappings Association between data tables and retinal variables; Node-links diagrams (radial layout); Visual marks + graphical properties; View Transformations Navigation (animation, zooming, panning, reorganization of nodes); Detail-on-demand; Strategies to handle occlusion (filtering, fisheye distortion, subgraph collapsing). João Paulo S. Medeiros p. 8

The Application http://www.dca.ufrn.br/~joaomedeiros/radialnet/ João Paulo S. Medeiros p. 9

Some Features Open ports details; Filtered ports; Running services information; Detailed traceroute. Detail on demand. João Paulo S. Medeiros p. 10

Some Features Collapsing(grouping) nodes. João Paulo S. Medeiros p. 11

Some Features Fisheye based effect. João Paulo S. Medeiros p. 12

Case Study Brazilian Universities Node shape; Color and size; Line thickness; Icons; Orange lines; Dashed lines. 50 Brazilian universities(238 nodes). João Paulo S. Medeiros p. 13

Case Study Brazilian Universities Several hosts have security problems; All hosts have filtered ports; We can identify switches, routers and WAPs; Alternative routes; Hop counting; Network bottlenecks. João Paulo S. Medeiros p. 14

Case Study Large Networks To handle occlusion: Filtering; Subgraph collapsing; Fisheye distortion. Visualization of 1000 nodes. João Paulo S. Medeiros p. 15

Final Considerations Nmap/Umit Integration Radialnet was developed during Google Summer of Code 2007; Has been integrated to Umit (Nmap frontend); Added to Nmap/Zenmap. Conclusion Information Visualization models and techniques can help network security management! Future Work Perform a cross-referencing between captured data and NIST vulnerability database; Use other tools to acquire data can extend applicability: Network administration; Load balancing analysis. João Paulo S. Medeiros p. 16

Contact joaomedeiros@dca.ufrn.br João Paulo S. Medeiros p. 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information