Visualizing your network with RadialNet
Net View
RadialNet draws a picture of the network, helping admins identify potential security holes.
A number of programs let the user map network structures and vulnerabilities. One of the most popular tools is the terminal-based network mapper Nmap [1]. Many admins value Nmap's security and structure analysis functionality. Unfortunately, Nmap only offers a few internal options for visualizing the results of the analysis. A tool called RadialNet [2] visualizes network structures mapped by Nmap to provide a graphical overview of the networked computers (Figure 1).
Installation
RadialNet is written in Python. To use the program, you need a Python interpreter, along with the PyCairo, PyGTK, and PyGObject packages for the graphics. On Ubuntu, you can install these packages by typing sudo apt-get install python-cairo python-gtk2 python-gobject. Other distributions also include the packages by default. Launch your favorite distribution's software management tool to complete the installation.
After downloading RadialNet 0.44 [2], you can unpack the tool in a terminal window by typing tar xfvz radial-net- 0.44.tar.gz. Then, to launch the program, type python radialnet.pyw. RadialNet helps you visualize Nmap analysis results (see the "Exploring the Network with Nmap" box). The data must be formatted in XML and can be passed in to the program either at launch time, by adding a -f FILENAME flag, or interactively by selecting Open.
Exploring the Network with Nmap
Before you can start exploring your own network with Nmap, you need to be certain that Nmap is installed on your system. On Ubuntu, you can type sudo apt-get install nmap. For other distributions, it makes sense to launch a software management tool. RadialNet expects an XML input file, and Nmap will create XML if you specify -oX FILENAME when you launch. The following command
sudo nmap --traceroute -oX nmap-xml-output.xml www.linuxuser.de www.linux-magazine.com
analyzes the open ports on the http://www.linuxuser.de and http://www.linux-magazine.com web servers. The --traceroute parameter ensures that routing information is stored in the XML-formatted (-oX) file ( nmap-xml-output.xml ). You can then open and visualize the results in RadialNet (Figure 2).
Getting Started
RadialNet includes a sample input file, nmap_example.xml. The file is located in the share/sample/ subdirectory and will suffice for initial experiments. By default, your computer (localhost) will be at the center of the map, shown as a black dot. The colored nodes show the devices analyzed by Nmap. The color indicates the number of open ports. Because open ports are potential security risks, computers with very few open ports are shown in green. Yellow indicates a medium-scale risk, and red nodes are open as wide as a barn door. No port information is available for white nodes. Squares depict routers, switches, or WLAN access points. The type is indicated by a light blue icon [2]. Circles are "real" computers. Other icons might also appear. A yellow padlock stands for a computer with filtered ports, and a red wall is a firewall.
Left-clicking a circle or a square moves it to the center of the map. Right-clicking opens a pop-up dialog with detailed information on the selected network node (Figure 3). The General tab takes you to general operating system information and the active network interface. Services lists the open ports, and Traceroute tells you the route from the localhost to the node you clicked. Unfortunately, you cannot scale the pop-up window, which means you will probably need to scroll no matter how big your screen is.
The Tools | Host Viewer menu item takes you to a scalable overview (Figure 4) of the detailed information. The left-hand side of the window shows the nodes analyzed, with the information from the pop-up window on the right.
The map shows connections between individual nodes on the map, indicating the routes that data will take from localhost to the border nodes. If traceroute information is missing, the path is shown as a dotted line.
Visualization Options
Besides the buttons referred to already, RadialNet has four more in the top right of the window. About takes you to an About RadialNet dialog with licensing information (GPL 2) for the program. Fullscreen toggles the full-screen view on or off. The Fisheye button lets you toggle between a flat display and a fisheye view. The fisheye view assigns more space to the center of the map than to the border areas, thus making the information at the center easier to read. A slider appears at the bottom of the window, which you can use to change the fisheye view aspect. The flat view allocates the same amount of space to all the nodes on the map.
Clicking Controls displays a navigation aid on the right side of the window. With this tool, you can zoom in or out of the map or toggle between address and hostname views. Strangely, when you disable the address checkbox, the hostnames disappear too. Also, you might want to try a few of the parameters I looked at on the sample file to discover a perfect view mode for your own needs.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.