NHA-project

Download Report

Transcript NHA-project 

The Laboratory of
Computer Communication
and Networking
Network Host
Analyzer
(NHA)
Project Team
Members:
Arie Abramovici
Yonatan Eldar
Gil Nitzan
Instructor:
Izik Alperon
Supervisor:
Itay Dabran
sarie@t2
seldary@t2
sgilnit@t2
izik@cs
idabran@cs
Project Goal

Develop an application that will be used
in order to monitor a large number of
hosts on a network, running different
operating systems.
Background
A big part of the job of any network
administrator is the actual management and
administration of the network.
 One of the most valuable assets an
administrator can own in order to manage a
network, is a detailed report about each device
the network contains.

Background (cont.)
•
•
•
The information required for such a report can be
gathered by connecting to the network components (e.g.
the routers and switches), and the computers which we
want to monitor.
However, for large networks, it is hard to manually get
such information, as there is too much information in the
system.
Therefore, there is a need for a tool that can generate
the information automatically, and present it to the
administrator in a way that can be easily read.
Background (cont.)


Moreover, sometimes some information about the
network is stored out of the network (for example a list
of users, or a list of computers which may exist
somewhere)
So, in order to properly protect the network for
malfunctions and attacks, there is a need for a tool that
can gather information from different sources in order to
ensure reliability and correctness of the information
shown.
Project Description


The NHA project monitors a network, by
gathering information from different sources.
These sources are:
1.
2.
3.
4.
The network routers
The network switches
An agent on the hosts
A list of users on the internet
Project Description (cont.)



The application was written in c++ with MFC
support for the GUI module.
The agent was written in Java in order to ensure
portability between different platforms.
In the different modules you may find code
dealing with TCP connections, UDP messages,
multiple threads, MFC gui and many more three
letter buzzwords.
Application Features

In the main window there are 3 options:
Refresh button: once pressed, the manager module
gathers all the information from the network
simultaneously, it may take several seconds
(approx. 10).
 Map button: after the database was first refreshed
the map button will open a dialog presenting the
map of the network.
 Configuration: opens configuration window.

Application Features (cont.)




In addition, in the main window once the database has
been refreshed, a list of all hosts will appear, showing
all information gathered.
Double clicking a host will open an information dialog
containing the information described above.
The user can receive a list of hosts on a certain switch.
The user can also search the list for a certain ip, mac or
hostname.
Application Feat. Map dialog



While cruising the map dialog you may click on each
device.
Clicking a device icon will pop an information box
containing its IP, name and level.
Also, the box will present information about each
device port such as speed, bandwidth (half or full), etc.
Application Feat. – configuration


In this screen the user can specify what routers
and switches IP’s to use in the search, and what
username and password to use.
This information will be saved for the next time
the user launches NHA.
Project Description (cont.)



The NHA project, on demand, gathers the
information about the network, and then displays it in
a graphical interface.
The project consists of two applications, a manager
and an agent.
The manager is made of 6 main modules:
1.
2.
3.
4.
5.
6.
NHA Telnet
NHA Database
NHA Parsing
NHA Server
NHA GUI
NHA Internet
NHA Agent Description


The NHA agent is installed on each computer on the
network (in the main gui interface the admin can see
what computers don’t have agents in order to help this
process)
After being installed, the agent waits until it is
approached and only then sends back information
about the platform and the user which is logged on.
NHA manager- Telnet



The Telnet interface opens a telnet connection to every
router and switch.
On this connection the interface asks for the needed
tables from each router and switch, and then parses the
tables, using the Parsing module.
The tables we use are:




Router & Switch Macs (For each port)
Arp tables (For router)
Switch tables (For analyzing hosts)
Note: for each device there are 2 telnet approaches. One
for attaching each port to specific MAC address, only
then the second approach may occur to learn from the
arp and switch tables.
NHA manager- Database


The Database module holds all the shown
information about the hosts in several hash
tables, in order to ensure fast searching.
All the information about the routers and
switches is stored in the database.
NHA manager- Parsing


The Parsing module gets the tables from the
switches and routers and parses the useful
information into the database.
The Parsing module also parses the incoming
messages from the agents, and the users table
from the internet.
NHA manager- Agent Interface



The agent interface is activated after the router and
switches interface.
Thus, when we use the agent interface we already know
all the hosts on the network, and so we can send them
messages directly.
The agent interface sends udp messages to each host.
Then, each host replies with information about the
users:




Login (retrieved automatically)
The platform used (retrieved automatically)
Hostname (retrieved automatically)
Port (manually entered by user)
NHA manager – Server


The server gets from the agents the port name of the
host, and the login name, and extracts from them the
level of the host and more.
The following information is sent by the agent, but if the
information from the internet can be retrieved (using the
login name), the manager takes the information from
the internet





Phone
Email
Name
Room
Level
NHA manager- GUI


The graphical user interface shows all the
gathered information in a list, ensuring the user
fast and easy way to review the network hosts.
Using the information gathered on the routers
and switches, a (realtime) map of the network
can be shown, enabling fast access to
information about a device.
NHA manager- Internet Interface




The internet interface is designed in order to receive a
table of users, their room, phone number and email.
Such a table exists for CS network at
http://www.cs.technion.ac.il/People/Directory/index.h
tml
The interface downloads this page and parses this
information.
Note: the parsing of the file matches specifically the
format of CS faculty directory file, However, in case
such file doesn't exist the program may still run without
it.
And now…
Live
Demonstration