  • Language
    C
  • Created almost 16 years ago
  • Updated over 10 years ago

Repository Details

builds database/visualizations of LAN structure from passively sifted information
# ex: set ff=dos ts=2 et:

Author: Ryan Flynn <[email protected]>

Bugs: https://github.com/rflynn/lanmap2/issues

About
-----

lanmap2 is a passive network monitoring/analysis framework; no SNMP required.

it promiscuously listens to all passing data and sifts out potentially
interesting factoids (addresses, names, fingerprints, unusual situations, etc.)
into an sqlite database.

scripts are provided to query the database and generate image graphs of
network entities, overall connectivity, traffic and notable applications,
operating systems and roles that systems play.

     network
     stream
     /~/
    /~/      "cap"         sqlite
   /~/~~~~~~~~/~/  hints   _______
             /~/--------->(_______) graph.sh   __map___
 /~/~~~~~~~~/~/           |       |---------->|        |
/~/                       |_______|           | X--X   |
                                              |  `---X |
                                              |________|

it is meant to be an extensible framework; anyone who spends time looking 
at network traffic and knows a little SQL should be able to contribute
analysis-type 'mappings' (see data/*.sql)

lanmap2's components are decoupled from each other and are fairly
straight-forward and flexible; you can report things to the database without
having to use them and you can work on analysis-type tasks or scripts while
network capture is running.

the current graphing scripts use php to query the database and generate input
to graphviz; these can be modified fairly easily.
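
A minimal version of the "query the database, emit graphviz input" step described above, written in Python as an added example; it is not lanmap2's own code. The `hint` table, its columns and the sample rows are hypothetical and constructed for illustration, not lanmap2's real schema. Names and addresses sifted off the wire are untrusted input, so they are bound as SQL parameters and quoted before they reach the DOT output.

```python
import sqlite3

# Constructed sample rows; the "hint" table and its columns are hypothetical,
# not lanmap2's real schema. The third source name tries to break out of a
# DOT quoted string.
SAMPLE_HINTS = [
    ("00:11:22:33:44:55", "00:aa:bb:cc:dd:ee", "ARP", 12),
    ("00:11:22:33:44:55", "00:aa:bb:cc:dd:ee", "DNS", 3),
    ('evil"]; x [label="pwn', "00:aa:bb:cc:dd:ee", "NBNS", 1),
]

def build_db(rows):
    """Create an in-memory database standing in for the capture output."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE hint (src TEXT, dst TEXT, proto TEXT, pkts INTEGER)")
    db.executemany("INSERT INTO hint VALUES (?, ?, ?, ?)", rows)
    return db

def dot_quote(value):
    """Return value as a double-quoted DOT ID.

    Control characters are dropped, then backslashes and double quotes are
    escaped so a sniffed name cannot close the string and inject attributes.
    """
    s = "".join(c for c in str(value) if c.isprintable())
    s = s.replace("\\", "\\\\").replace('"', '\\"')
    return '"' + s + '"'

def edges_to_dot(db, min_pkts=1):
    """Aggregate hints into one undirected edge per (src, dst) pair."""
    query = (
        "SELECT src, dst, sum(pkts), count(DISTINCT proto) FROM hint "
        "GROUP BY src, dst HAVING sum(pkts) >= ? ORDER BY src, dst"
    )
    lines = ["graph lan {"]
    for src, dst, total, protos in db.execute(query, (min_pkts,)):
        label = dot_quote(f"{total} pkts, {protos} proto(s)")
        lines.append(f"  {dot_quote(src)} -- {dot_quote(dst)} [label={label}];")
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(edges_to_dot(build_db(SAMPLE_HINTS)))
```

The printed text can be piped to graphviz's `dot -Tpng` to render an image.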

Installation
------------

Everything is pretty much manual at this point, oh well.

Dependencies:
	sqlite3 and libsqlite3 (sqlite2 not acceptable!)
	libpcap
	gcc
	php (to interface with db and generate graphviz input; plan on replacing with lua)
	graphviz (for graph generating)

  Ubuntu Linux:
  Debian Linux:
    sudo apt-get install libpcap-dev libsqlite3-dev gcc graphviz php5-cli php5-sqlite sqlite3

1. Run make

  make

  This will build and populate the database file 'db/db'
  and the parse/capture program 'src/cap'.


Use
---

1. Start capturing

  cd db && sudo ../src/cap && cd -

  The application has to run as root, which is a potential security hazard.

  This currently produces prodigious amounts of output; sue me.

2. Generate a graph after letting the capture run for a while.

  cd graph && ./graph.sh && cd -

  This will generate a graph at graph/net.png

  This runs a bunch of php scripts.

3. View the graph via the web/ crap

  I suggest you map/symlink apache to the web/ directory if you are capable


TODO
----

* Replace php-based "graph"ing scripts with lua-based ones, and include lua
  runtime and libraries within the lanmap2 package; this will simplify the
  dependencies and allow more people to run it.

* There are always more protocols to support

* I'd eventually like to turn the graphing portion into a full-on IDE-like
  environment where one can filter machines, traffic and identify unknown machines,
  erroneous situations, etc.
