Visualizing your network with RadialNet
Net View
RadialNet draws a picture of the network, helping admins identify potential security holes.
A number of programs let the user map network structures and vulnerabilities. One of the most popular tools is the terminal-based network mapper Nmap [1]. Many admins value Nmap's security and structure analysis functionality. Unfortunately, Nmap only offers a few internal options for visualizing the results of the analysis. A tool called RadialNet [2] visualizes network structures mapped by Nmap to provide a graphical overview of the networked computers (Figure 1).
Installation
RadialNet is written in Python. To use the program, you need a Python interpreter, along with the PyCairo, PyGTK, and PyGObject packages for the graphics. On Ubuntu, you can install these packages by typing sudo apt-get install python-cairo python-gtk2 python-gobject. Other distributions also include the packages by default. Launch your favorite distribution's software management tool to complete the installation.
After downloading RadialNet 0.44 [2], you can unpack the tool in a terminal window by typing tar xfvz radial-net- 0.44.tar.gz. Then, to launch the program, type python radialnet.pyw. RadialNet helps you visualize Nmap analysis results (see the "Exploring the Network with Nmap" box). The data must be formatted in XML and can be passed in to the program either at launch time, by adding a -f FILENAME flag, or interactively by selecting Open.
Exploring the Network with Nmap
Before you can start exploring your own network with Nmap, you need to be certain that Nmap is installed on your system. On Ubuntu, you can type sudo apt-get install nmap. For other distributions, it makes sense to launch a software management tool. RadialNet expects an XML input file, and Nmap will create XML if you specify -oX FILENAME when you launch. The following command
sudo nmap --traceroute -oX nmap-xml-output.xml www.linuxuser.de www.linux-magazine.com
analyzes the open ports on the http://www.linuxuser.de and http://www.linux-magazine.com web servers. The --traceroute parameter ensures that routing information is stored in the XML-formatted (-oX) file ( nmap-xml-output.xml ). You can then open and visualize the results in RadialNet (Figure 2).
Getting Started
RadialNet includes a sample input file, nmap_example.xml. The file is located in the share/sample/ subdirectory and will suffice for initial experiments. By default, your computer (localhost) will be at the center of the map, shown as a black dot. The colored nodes show the devices analyzed by Nmap. The color indicates the number of open ports. Because open ports are potential security risks, computers with very few open ports are shown in green. Yellow indicates a medium-scale risk, and red nodes are open as wide as a barn door. No port information is available for white nodes. Squares depict routers, switches, or WLAN access points. The type is indicated by a light blue icon [2]. Circles are "real" computers. Other icons might also appear. A yellow padlock stands for a computer with filtered ports, and a red wall is a firewall.
Left-clicking a circle or a square moves it to the center of the map. Right-clicking opens a pop-up dialog with detailed information on the selected network node (Figure 3). The General tab takes you to general operating system information and the active network interface. Services lists the open ports, and Traceroute tells you the route from the localhost to the node you clicked. Unfortunately, you cannot scale the pop-up window, which means you will probably need to scroll no matter how big your screen is.
The Tools | Host Viewer menu item takes you to a scalable overview (Figure 4) of the detailed information. The left-hand side of the window shows the nodes analyzed, with the information from the pop-up window on the right.
The map shows connections between individual nodes on the map, indicating the routes that data will take from localhost to the border nodes. If traceroute information is missing, the path is shown as a dotted line.
Visualization Options
Besides the buttons referred to already, RadialNet has four more in the top right of the window. About takes you to an About RadialNet dialog with licensing information (GPL 2) for the program. Fullscreen toggles the full-screen view on or off. The Fisheye button lets you toggle between a flat display and a fisheye view. The fisheye view assigns more space to the center of the map than to the border areas, thus making the information at the center easier to read. A slider appears at the bottom of the window, which you can use to change the fisheye view aspect. The flat view allocates the same amount of space to all the nodes on the map.
Clicking Controls displays a navigation aid on the right side of the window. With this tool, you can zoom in or out of the map or toggle between address and hostname views. Strangely, when you disable the address checkbox, the hostnames disappear too. Also, you might want to try a few of the parameters I looked at on the sample file to discover a perfect view mode for your own needs.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.