OAUNETMON: A Network Traffic Monitoring Tool Olatunde Abiona Lecturer/Computer Engineer Department of Computer Science & Engineering Obafemi Awolowo University,

Slides:

Advertisements

Similar presentations

MikroTik Vendor Session © MikroTik MikroTik Vendor Session WISPNOG February th, 2005 Chicago, IL.

Advertisements

Institute of Technology Bandung What AI3 has done to Indonesia Onno W. Purbo Institute of Technology Bandung Bandung, Indonesia June 1997.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Allied Telesyn Wireless LAN Solutions AT-WL2411 Access Point AT-WR2411 Wireless LAN PCMCIA Card.

EDUCATIONAL NETWORK Hina Rubab Yousaf Pakistan. Introduction to University of Karachi  The campus is spread over 1279 acres of land, situated 12 Km away.

Sokoine University of Agriculture (SUA), Tanzania Magesa, M and Luhusa, L Computer Centre-SUA.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 11: Planning Network Access.

Jonas Lippuner. Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation.

Performance Analysis of Orb Rabin Karki and Thangam V. Seenivasan 1.

99 CHAPTER COMMUNICATIONS AND NETWORKS. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 9-2 Competencies Discuss connectivity, the wireless.

Wi-Fi Structures.

Introduction to Computer Networking. Wireless Network.

Using RADIUS Within the Framework of the School Environment Charles Bolen Systems Engineer December 6, 2011.

INTRODUCTION TO COMPUTER NETWORKS Navpreet Singh Computer Centre Indian Institute of Technology Kanpur Kanpur INDIA (Ph : ,

1 Configuring Linksys Wireless Router Prof. Valencia Community College.

Integrity Check As You Well Know, It Is A Violation Of Academic Integrity To Fake The Results On Any.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Integrity Check As You Well Know, It Is A Violation Of Academic Integrity To Fake The Results On Any.

Firewall Slides by John Rouda

1 Enabling Secure Internet Access with ISA Server.

Technical Training: DIR-615

Technical Training: DAP-1360 Wireless N Access Point DAP-1360.

4 Network Hardware & Software Network Operating systems: software controlling traffic on the network 2 types of s.ware: server software &client software.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

Alison Davis and Peter Kurtz Port Based Network Authentication in a Lab Environment QUESTNet 2000.

CLIENT A client is an application or system that accesses a service made available by a server. applicationserver.

Sepehr Firewalls Sepehr Sadra Tehran Co. Ltd. Ali Shayan December 2008.

Linking rural health facility to the internet using packet radio in developing countries (OAUNet a case study) by O.O. Abiona & O.A. Adewara Obafemi Awolowo.

Networking Components

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 6 Network Design and Troubleshooting Scenarios.

Networking Components Christopher Biles LTEC Assignment 3.

In The Name Of Allah Whose Blessings Are Uncountable.

TEW-812DRU Training. TEW-812DRU AC1750 Dual Band Wireless Router.

Virtual Company Group 8 Presentation Date: June /04/2017

1 Network Statistic and Monitoring System Wayne State University Division of Computing and Information Technology Information Technology.

Configuring Routing and Remote Access(RRAS) and Wireless Networking

Internet Connection Sharing Ben Ramig Erik Tierney.

COEN 252 Computer Forensics

Chapter 9: Novell NetWare

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

USE AND DEVELOPMENT OF INFORMATION AND COMMUNICATION TECHNOLOGIES TO PROMOTE LEARNING, TEACHING AND RESEARCH IN AFRICAN UNIVERSITIES. PAPER PRESENTED BY.

Module 2: Information Technology Infrastructure

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.

1 KFUPM Enterprise Network Sadiq M. Sait

DSL-2544N Dual Band Wireless N600 Gigabit ADSL2+ Modem Router

Linux+ Guide to Linux Certification Chapter Fifteen Linux Networking.

CHAPTER 3 PLANNING INTERNET CONNECTIVITY. D ETERMINING INTERNET CONNECTIVITY REQUIREMENTS Factors to be considered in internet access strategy: Sufficient.

PRESENTATION ON WI-FI TECHNOLOGY

NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.

The University of Bolton School of Games Computing & Creative Technologies LCT2516 Network Architecture CCNA Exploration LAN Switching and Wireless Chapter.

University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department INTRODUCTION TO COMPUTER NETWORKS Dr. Abdelhamid.

3G HSDPA with VigorRouter DrayTek Corp Outline 3G Router Application 3G Modem Support List Demo (Vigor2910 series with iPhone 3G/3Gs)

NETWORK HARDWARE AND SOFTWARE MR ROSS UNIT 3 IT APPLICATIONS.

Terminal Servers in Schools A second life for your older computers.

Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.

Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.

Configuring Network Connectivity Lesson 7. Skills Matrix Technology SkillObjective DomainObjective # Using the Network and Sharing Center Use the Network.

Wireless ISP Infrastructure

G046 Lecture 04 Task C Briefing Notes Mr C Johnston ICT Teacher

INTRODUCTION TO THE INTERNET Internet Protocol Cameras Training: Session 1.

Also known as hardware/physi cal address Customer Computer (Client) Internet Service Provider (ISP) MAC Address Each Computer has: Given by NIC card.

CONNECTING TO THE INTERNET

Securing the Network Perimeter with ISA 2004

OAUNET An Overview BY Obafemi Awolowo University, Ile-Ife, Nigeria

Lecture # 7 Firewalls الجدر النارية. Lecture # 7 Firewalls الجدر النارية.

INTRODUCTION TO COMPUTER NETWORKS

IP Control Gateway (IPCG)

Firewall Installation

Presentation transcript:

OAUNETMON: A Network Traffic Monitoring Tool Olatunde Abiona Lecturer/Computer Engineer Department of Computer Science & Engineering Obafemi Awolowo University, Ile-Ife, NIGERIA

World Map World Map ©1996 MAGELLAN Geographix Santa Barbara, CA (800) 929-4MAP

Africa Africa

Nigeria Nigeria Ile-Ife

Obafemi Awolowo University, Ile-Ife Oduduwa Hall

Obafemi Awolowo University, Ile-Ife College of Health Sciences building

Obafemi Awolowo University, Ile-Ife Computer Science & Engineering Dept.

Outline of the Presentation Introduction Introduction The Obafemi Awolowo University Network (OAUNet). The Obafemi Awolowo University Network (OAUNet). Design/Architecture of OAUNETMON. Design/Architecture of OAUNETMON. Some screen shots of OAUNETMON. Some screen shots of OAUNETMON. Conclusions Conclusions

The Obafemi Awolowo University Ile-Ife, Nigeria 250km North-East of Lagos 250km North-East of Lagos 20,000 students, 13 faculties and 2 colleges 20,000 students, 13 faculties and 2 colleges Campus network: TCP/IP protocol and LINUX operating system. Campus network: TCP/IP protocol and LINUX operating system. Wireless spread spectrum radio technique for linking buildings Wireless spread spectrum radio technique for linking buildings Over 600 individual account users, within a year of operation. Over 600 individual account users, within a year of operation. Capacity building component provided critical mass of competent Technical Staff Capacity building component provided critical mass of competent Technical Staff

The Obafemi Awolowo University. Network (OAUNet). Was born out of a collaboration between International Centre for Theoretical Physics (ICTP), Trieste Italy and Obafemi Awolowo University (OAU) Ile-Ife Nigeria (1996). Was born out of a collaboration between International Centre for Theoretical Physics (ICTP), Trieste Italy and Obafemi Awolowo University (OAU) Ile-Ife Nigeria (1996). Started with 3 subnets now over 14 subnets and 9 cyber cafes. Started with 3 subnets now over 14 subnets and 9 cyber cafes. Full Internet connectivity ie 256 Kbps Uplink and 512 Kbps Downlink bustable to 1Mbps. Full Internet connectivity ie 256 Kbps Uplink and 512 Kbps Downlink bustable to 1Mbps.

OAUNET - Main Network Diagram Main HUB sctechcs usbchsagric NC First Generation Second Generation Third Generation Key sc - sciences tech - Technology cs - Computer Science usb - Secretariat chs - Health Science Agric- Agriculture NC - NACTEM OA - OAU Teaching hospital OS Fourth Generation AP 2Mbps VSAT Earth Station 64 Kbps Dial up MODEM 33 Kbps OS C C Fifth Generation OS CCC

Main HUB or network Firewall Proxy Mail Server Modem Server Backup Server Inter Subnet Router WLAN Antenna WEB Server Terminal Equipment CISCO router 100 base Tx Ethernet Backbone Pentium IV PCs

Architecture of Most Subnets Subnet Server (UNIF II) INTEL Pentium CPU Powered by Linux Local DHCP Server Local NIS Server Local DNS Server Local Telnet Server Campus Wide NFS Static Router Masquerading and IP forwarding WaveLan cards SWITCH One or more client computers Running Windows or Linux + KDE Provide Print services, and telnet clients Auto- configured through DHCP Ethernet Antenna SA 2 Mbps link to Main network

The original design of the LAN to INTERNET link

OAUNETMON Setup

Features of OAUNETMON Non-Intrusive Network Monitoring system. Non-Intrusive Network Monitoring system. Web-based network monitor and analysis system Web-based network monitor and analysis system Capable of Handling Large log files Capable of Handling Large log files Capable of monitoring Fast Ethernet or switched network. Capable of monitoring Fast Ethernet or switched network. Capable of analyzing Proxy logs (squid access log flies) Capable of analyzing Proxy logs (squid access log flies)

Design Consideration Powerful user interface – web interface Powerful user interface – web interface Guaranteed packet capturing – uses gigabit interface for data capture Guaranteed packet capturing – uses gigabit interface for data capture Classification of all protocol information – ability to classify and display all possible protocol in each layer Classification of all protocol information – ability to classify and display all possible protocol in each layer Security – Access are restricted only to those with valid username and password. Security – Access are restricted only to those with valid username and password. Viewing of real-time and historical data – shows online real-time status data and accumulated historical status data easily Viewing of real-time and historical data – shows online real-time status data and accumulated historical status data easily

Equipment required for the setting up OAUNETMON Pentium iv 2.0Ghz CPU Pentium iv 2.0Ghz CPU 1.0GB Ram, 80.0GB HDD 1.0GB Ram, 80.0GB HDD FDD, CD Writer 40X FDD, CD Writer 40X 1Gigabit Ethernet Switch (D-link DES- 3226L) 1Gigabit Ethernet Switch (D-link DES- 3226L) 1Gigabit Network interface card 1Gigabit Network interface card 700VA UPS 700VA UPS Linux Operating System ( Mandrake 10.1) Linux Operating System ( Mandrake 10.1)

Architecture of OAUNETMON

Perl wrapper script

Routine Run_MRTG

Routine Run_Webalizer

Daily Graph

Weekly and Monthly Graph

Hosts Listing

Host Usage Graph

Hosts Usage Cont…

Protocol Listing

Protocol Usage Graph

Protocol Usage Cont…

Webalizer

Webalizer

Daily Usage

Hourly Usage

KB transferred

Proxy Log Analysis OAUNETMON also carryout proxy log analysis on squid access log OAUNETMON also carryout proxy log analysis on squid access log

Some Bandwidth optimization Technique CBQ CBQ HTB HTB Mirroring Mirroring Firewall Firewall –Filtering Deny, Reject, Redirect …based on firewall rules Deny, Reject, Redirect …based on firewall rules SQUID SQUID –Web caching –Access control list –Authentication –Delay pools it is possible to limit internet traffic in a reasonable way depending on so- called 'magic words', existing in any given URL For example, a magic word could be '.mp3', '.exe' or '.avi', etc.

OAUNETMON Installation Install linux Install linux –/tmon –/logf Install Mrtg Install Mrtg Install Webalizer Install Webalizer Iptraf Iptraf Install Apache Install Apache Replace your back bone switch with a Gigabit Switch that can support Port mirroring Replace your back bone switch with a Gigabit Switch that can support Port mirroring Download all files from Download all files from – To appropriate directories Restart your computer! Restart your computer!

OAUNETMON DEMO

Conclusion Experimental design goals such as extracting highly detailed information without adversely affecting network performance (speed) is archived through a process of extracting the required information from IP packet without considering the contents. The scripts are available at Experimental design goals such as extracting highly detailed information without adversely affecting network performance (speed) is archived through a process of extracting the required information from IP packet without considering the contents. The scripts are available at

Acknowledgement We wish to acknowledge the support of the Abdus Salam International Centre for Theoretical Physics (ICTP) for the donation of the equipment used for this study. We wish to acknowledge the support of the Abdus Salam International Centre for Theoretical Physics (ICTP) for the donation of the equipment used for this study.

THANK YOU