* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download NHA-project
		                    
		                    
								Survey							
                            
		                
		                
                            
                            
								Document related concepts							
                        
                        SIP extensions for the IP Multimedia Subsystem wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Computer network wikipedia , lookup
Network tap wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
						
						
							Transcript						
					
					The Laboratory of Computer Communication and Networking Network Host Analyzer (NHA) Project Team Members: Arie Abramovici Yonatan Eldar Gil Nitzan Instructor: Izik Alperon Supervisor: Itay Dabran sarie@t2 seldary@t2 sgilnit@t2 izik@cs idabran@cs Project Goal  Develop an application that will be used in order to monitor a large number of hosts on a network, running different operating systems. Background A big part of the job of any network administrator is the actual management and administration of the network.  One of the most valuable assets an administrator can own in order to manage a network, is a detailed report about each device the network contains.  Background (cont.) • • • The information required for such a report can be gathered by connecting to the network components (e.g. the routers and switches), and the computers which we want to monitor. However, for large networks, it is hard to manually get such information, as there is too much information in the system. Therefore, there is a need for a tool that can generate the information automatically, and present it to the administrator in a way that can be easily read. Background (cont.)   Moreover, sometimes some information about the network is stored out of the network (for example a list of users, or a list of computers which may exist somewhere) So, in order to properly protect the network for malfunctions and attacks, there is a need for a tool that can gather information from different sources in order to ensure reliability and correctness of the information shown. Project Description   The NHA project monitors a network, by gathering information from different sources. These sources are: 1. 2. 3. 4. The network routers The network switches An agent on the hosts A list of users on the internet Project Description (cont.)    The application was written in c++ with MFC support for the GUI module. The agent was written in Java in order to ensure portability between different platforms. In the different modules you may find code dealing with TCP connections, UDP messages, multiple threads, MFC gui and many more three letter buzzwords. Application Features  In the main window there are 3 options: Refresh button: once pressed, the manager module gathers all the information from the network simultaneously, it may take several seconds (approx. 10).  Map button: after the database was first refreshed the map button will open a dialog presenting the map of the network.  Configuration: opens configuration window.  Application Features (cont.)     In addition, in the main window once the database has been refreshed, a list of all hosts will appear, showing all information gathered. Double clicking a host will open an information dialog containing the information described above. The user can receive a list of hosts on a certain switch. The user can also search the list for a certain ip, mac or hostname. Application Feat. Map dialog    While cruising the map dialog you may click on each device. Clicking a device icon will pop an information box containing its IP, name and level. Also, the box will present information about each device port such as speed, bandwidth (half or full), etc. Application Feat. – configuration   In this screen the user can specify what routers and switches IP’s to use in the search, and what username and password to use. This information will be saved for the next time the user launches NHA. Project Description (cont.)    The NHA project, on demand, gathers the information about the network, and then displays it in a graphical interface. The project consists of two applications, a manager and an agent. The manager is made of 6 main modules: 1. 2. 3. 4. 5. 6. NHA Telnet NHA Database NHA Parsing NHA Server NHA GUI NHA Internet NHA Agent Description   The NHA agent is installed on each computer on the network (in the main gui interface the admin can see what computers don’t have agents in order to help this process) After being installed, the agent waits until it is approached and only then sends back information about the platform and the user which is logged on. NHA manager- Telnet    The Telnet interface opens a telnet connection to every router and switch. On this connection the interface asks for the needed tables from each router and switch, and then parses the tables, using the Parsing module. The tables we use are:     Router & Switch Macs (For each port) Arp tables (For router) Switch tables (For analyzing hosts) Note: for each device there are 2 telnet approaches. One for attaching each port to specific MAC address, only then the second approach may occur to learn from the arp and switch tables. NHA manager- Database   The Database module holds all the shown information about the hosts in several hash tables, in order to ensure fast searching. All the information about the routers and switches is stored in the database. NHA manager- Parsing   The Parsing module gets the tables from the switches and routers and parses the useful information into the database. The Parsing module also parses the incoming messages from the agents, and the users table from the internet. NHA manager- Agent Interface    The agent interface is activated after the router and switches interface. Thus, when we use the agent interface we already know all the hosts on the network, and so we can send them messages directly. The agent interface sends udp messages to each host. Then, each host replies with information about the users:     Login (retrieved automatically) The platform used (retrieved automatically) Hostname (retrieved automatically) Port (manually entered by user) NHA manager – Server   The server gets from the agents the port name of the host, and the login name, and extracts from them the level of the host and more. The following information is sent by the agent, but if the information from the internet can be retrieved (using the login name), the manager takes the information from the internet      Phone Email Name Room Level NHA manager- GUI   The graphical user interface shows all the gathered information in a list, ensuring the user fast and easy way to review the network hosts. Using the information gathered on the routers and switches, a (realtime) map of the network can be shown, enabling fast access to information about a device. NHA manager- Internet Interface     The internet interface is designed in order to receive a table of users, their room, phone number and email. Such a table exists for CS network at http://www.cs.technion.ac.il/People/Directory/index.h tml The interface downloads this page and parses this information. Note: the parsing of the file matches specifically the format of CS faculty directory file, However, in case such file doesn't exist the program may still run without it. And now… Live Demonstration
 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                            