For a long time I’ve wanted a quick way of spitting out the topology of a network into an easy-to-digest image.
I couldn’t find any Open Source network visualizers I liked, so I sat down with John Hawthorn to write one.
We found Sophsec’s nmap-ruby, a nifty ruby library to call nmap and interpret the response. With the results of an nmap scan on the local network, we’d get a pretty good picture of all the hosts.
I sat down with the task of gathering information about the nodes, and how they relate to each other. What is plugged into what, which host is connected to which wireless router, and whatnot.
Unfortunately, for our home network we have a setup of 2 wireless routers behind a box that acts as our default gateway. This means that all of the traffic internally is done through switching and on layer 2, making tracepath and family unsuitable to map out how the nodes are connected.
As I discussed in my previous post about my dir-655, I ended up programatically logging into my routers to grab their list of connected clients through the admin.
Hawthorn called shotgun on the visualization side of things, and decided on Graphviz for a first-generation renderer.
I had to overcome a few annoying problems (about half way through which Hawth washed his hands at the project :p). I wrote a quick ruby gem to spit out interface information since I needed the localhost’s mac address which nmap did not spit out.
If no default gateway is specified in config, it uses a pretty gross parsing of route’s output to figure it out:
(`route -n`.split("\n").last.match /\s[\d\.]+/).strip
When all is said and done, though, I’m pretty happy with how a graph looks, and I’m storing the results of scans of my network as well as the generated images and plan to do some neat things once I’ve acquired enough data :}.