About 3D-tcpdump
Outline
Although the Internet connectivity which went via a cellular-phone network, ADSL-FTTH, etc. has generally spread, the "network" which consists of two or more computers serves as existence still opaque for people. This does not have the visible network which is the connection relation of computers, and it is thought that the end of a cause is to be unable to grasp the communication connection topology easily.
Then, we build the visualization software by the three-dimension graphical display of the network communication state on the basis of a single host, and topology aiming at being help for people grasping a thing called a network more nearly intuitively and cherishing interest. However, the realization is not easy even if it calls it visualization simply. Although it operates on a single host about, a tcpdump program is only from the packet flow information acquired from there, and when it displays a relation with the host on the local network in which he is, and the global network which is communicating, in fact, it is quite difficult. This software aims at grasping and forming a communication state and a network topology into 3D GUI display from the packet group information which a certain host has received now when it is obtained from a tcpdump program (correctly pcap library). Since only the data obtained on a single host is fundamentally considered as reliance, although what goes to a network topology cannot be grasped, the situation that the host is communicating now can be visualized according to a communication partner host. This is considered that it can use also as an auxiliary tool for a communication setup in a domestic network etc. while it is useful to for example, DoS attack detection, specification of a virus mail generation source host, etc.
Feature
- A network communication situation and an easy network topology are visualized intelligibly.
- Multiplatform
Related research
