

Most of them have been created with afterglow. For inspiration, check out where you find many examples of such graphs. Afterglow offers some wrapping that makes the output more digestible. The low-key approach involves generating GraphViz output. Bro ("the Python for the network") allows you to codify such analysis in a very natural form.

For example, detecting routers may involve looking at packet forwarding behavior or extracting default gateways from DHCP ACK messages. By weighting the edges with some metric (number of packets/bytes/connections), you can get an idea about the relative contribution of a given node. For more sophisticated analyses, you will have to develop some heuristics. It is straightforward to extract communication graphs, i.e., graphs that show who communicates with whom. The most useful tool that comes to mind in this space is Bro, which creates quality connection logs. The community has not yet developed reliable tools, because network traffic exhibits so much hard-to-deal-with crud.
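One way to build the weighted communication graph described above from a Bro `conn.log` and emit it as GraphViz DOT. This is an added example, not code from the original post or from the Bro or afterglow projects; the sample log is constructed (with a trimmed field list) and the function names are illustrative.

```python
import math
from collections import defaultdict

# Constructed sample in Bro conn.log TSV layout (not real traffic, fields trimmed).
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\torig_bytes\tresp_bytes",
    "1.0\tC1\t10.0.0.5\t49152\t10.0.0.1\t53\tudp\t60\t120",
    "2.0\tC2\t10.0.0.5\t49153\t10.0.0.1\t53\tudp\t62\t130",
    "3.0\tC3\t10.0.0.5\t49154\t192.0.2.10\t443\ttcp\t500\t15000",
    "4.0\tC4\t10.0.0.7\t49155\t192.0.2.10\t443\ttcp\t-\t-",
])

def parse_conn_log(text):
    """Yield one dict per connection, keyed by the names in the #fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            if fields is None:
                raise ValueError("data line seen before #fields header")
            yield dict(zip(fields, line.split("\t")))

def build_graph(records):
    """Aggregate connections and bytes per directed (originator, responder) edge."""
    edges = defaultdict(lambda: {"conns": 0, "bytes": 0})
    for rec in records:
        edge = edges[(rec["id.orig_h"], rec["id.resp_h"])]
        edge["conns"] += 1
        for col in ("orig_bytes", "resp_bytes"):
            if rec.get(col, "-") != "-":  # "-" marks an unset field
                edge["bytes"] += int(rec[col])
    return dict(edges)

def to_dot(edges):
    """Render edges as DOT; line width grows with log10 of the byte count."""
    lines = ["digraph comm {", "  rankdir=LR;"]
    for (src, dst), e in sorted(edges.items()):
        width = 1 + math.log10(1 + e["bytes"])
        label = f'{e["conns"]} conn / {e["bytes"]} B'
        lines.append(f'  "{src}" -> "{dst}" [label="{label}", penwidth={width:.2f}];')
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_dot(build_graph(parse_conn_log(SAMPLE_CONN_LOG))))
```

Pipe the output through `dot -Tpng` to render it; swapping the byte sum for a packet count column changes the weighting metric without touching the rest.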
