Sharp Ideas

Open Source, Future Technology, and the Web


Network visualization with dot and neato

December 22nd, 2007 · No Comments · information security

Dot and neato are two utility applications that are bundled with graphviz. Dot is used for creating directed graphs; neato draws undirected graphs.

Using dot from the command-line couldn’t be easier.  Here’s a simple example:

dot -Tsvg fsm.dot -o fsm.svg

This creates an SVG image of the finite state machine (fsm) defined in the text file fsm.dot.


Using neato is just as easy:

neato -Tsvg fsm.dot -o fsm.svg
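
The .dot input is plain text, so it can be generated from data rather than written by hand. The following added example (not code from the original post) builds a directed "who talks to whom" graph from tab-separated source/destination address pairs; the sample rows, the function names and the network.dot file name are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample: tab-separated source/destination pairs, one row per packet,
# the shape produced by `tshark -r output.cap -T fields -e ip.src -e ip.dst`.
SAMPLE = (
    "10.0.0.5\t10.0.0.1\n"
    "10.0.0.5\t10.0.0.1\n"
    "10.0.0.5\t192.0.2.80\n"
    "\t\n"  # non-IP frame: both fields are empty
    "10.0.0.1\t10.0.0.5\n"
    "10.0.0.9,10.0.0.5\t10.0.0.5,192.0.2.80\n"  # ICMP error quoting an inner IP header
)


def count_edges(text):
    """Count packets per (src, dst) pair, skipping rows without both addresses."""
    edges = Counter()
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) != 2:
            continue
        # Repeated occurrences of a field are comma-joined; keep the outer header.
        src, dst = (f.split(",")[0].strip() for f in fields)
        if src and dst:
            edges[(src, dst)] += 1
    return edges


def quote(node_id):
    """Quote a DOT identifier so addresses containing dots or colons are valid IDs."""
    return '"' + node_id.replace('"', '\\"') + '"'


def to_dot(edges, name="network"):
    """Render a digraph: the edge label is the packet count, penwidth grows with it."""
    heaviest = max(edges.values(), default=1)
    lines = [f"digraph {quote(name)} {{", "  rankdir=LR;", "  node [shape=box];"]
    for (src, dst), n in sorted(edges.items()):
        width = 1 + 4 * n / heaviest
        lines.append(f'  {quote(src)} -> {quote(dst)} [label="{n}", penwidth={width:.1f}];')
    lines.append("}")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    with open("network.dot", "w") as fh:
        fh.write(to_dot(count_edges(SAMPLE)))
```

The resulting file renders with the same commands as above, for example dot -Tsvg network.dot -o network.svg.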


Network visualization with graphviz

December 22nd, 2007 · No Comments · information security

Graphviz, an open source application released by AT&T, is a handy tool for automatically creating graphical representations of directed (and undirected) graphs.

This capability is particularly useful when trying to understand the logical relationships within a social network.

Graphviz is well documented, and includes APIs for extending its use via Java, .NET, Perl, Python, and PHP.


GFI Asia Pacific notes threats due to pod slurping

September 29th, 2007 · No Comments · information security

Here’s an interesting article from the technical staff at GFI:

Pod slurping - data security risks on your network

full story: http://www.searchcio.com.au/papers/paper.asp?DocID=20227&SiteID=14


Wireshark recipe to capture packets from the command line

August 29th, 2007 · No Comments · howto, information security, wireshark

Wireshark is a great utility for doing packet capture and analysis. It is an open source suite of applications that evolved from the ethereal project. My friend Angela Orebaugh has written comprehensive books on both Wireshark and Ethereal (I recommend them both!).

Sometimes while troubleshooting, it is necessary to run packet captures as part of an automated process. For example, you want to debug the network behavior of an application that runs at 1:15am. It would be really handy to have a way to run wireshark from a shell script or batch file. Enter tshark!

Tshark (text {wire}shark) is a command-line version of Wireshark. Here are a few tshark recipes I’ve used in the past:

tshark -i 4 (capture packets from interface #4 and print headers to STDOUT)

tshark -i4 -w output.cap (capture packets to the file output.cap)

tshark -i 4 -b files:10 -b filesize:9999 -w output.cap (capture packets in a ringbuffer of 10 files, each up to 9.9 MBytes)

Free the packets! :)
