nana - Network ANAlyser
Almost automated and parallelized ARP / ND listener, MAC / IPv4 / IPv6 address tracker, SNMP collector, L2 topology explorer.
Mature proof of concept used on daily basis from 2009. Free and open-source tool for both network administrators and users, security experts, bug hunters...
It behaves well on mid sized network (4000 nodes) and it queries about 1000 SNMP enabled devices every five minutes.
Linux (CentOS 5/6), bash, mysql, net-snmp, rrdtool...
data flow diagram
- nals (nana listener)
- listens for ARP and ND on all available interfaces
- every second sends fresh MAC/IPv4 or MAC/IPv6 pairs to database
- written in C
- automatic checker of collected IPv4 addresses (ICMP, SNMP)
- IPv4 and IPv6
- treat one agent with multiple addresses as single entity
- parallelized SNMP collector
- MIB-2 - system, interfaces, dot1dBridge, ifXTable
- Enterprises - APC, Cisco, MikroTik, Telindus, 3Com
- variables are stored in MySQL
- counters are stored in RRD
- asynchronous DNS reverse resolver
- topology discovering based on MAC / port
- all in bash
- MAC, IPv4, IPv6 and DNS address searching
- tracking of privacy / randomized IPv6 addresses
- simple location / topology identification
- RRD graphs from SNMP MIBs
- list of unused IPv4 addresses (/24)
- PHP with a few bash scripts for faster graph generating
bugs / todo
- raw and dirty bash scripting
- no ping6
- no rtt in database
- many more...
Here is it. Untar the file in /opt and read the INSTALL.
similar (but nicer) projects