3D Network Visualiser

v1.0

 

User Manual

 

James O’ Connor 50703338

 

And

 

Feargal Gallagher 50729035

 


 

Introduction

 

3D Network Visualiser v1.0 (henceforth referred to as 3DNV) is a unique tool for creating a 3-Dimensional model of your network that’s easy to grasp.

It’s ideal for the following:

·        Getting a general overview of a large or heterogeneous network

·        Visually illustrating a path from one computer to another

·        Making presentations to non-technical personnel about computer networks

·        Simple network auditing

·        Network Exploration

·        Initiating new network personnel about the structure of the network

·        And much more…

 

The application is split into a client and a server. The server does the scanning of the network, and the client displays the results in a friendly, easy to use fashion.

 

This User Manual will be concerned mainly with the client, since once the server is installed, it is mostly invisible to the user.

 


 

Installation

 

As mentioned before, this application is split into a server and a client.

Before you can use the client, you must install the server.

Please see “Server Installation Guide” for details on how to do this.

Assuming you have an installed running server, we will continue.

 

Installing the client

 

The client program is written entirely in Java, and should run on all major Operating Systems. However, as it is a comprehensive application, it has certain requirements:

 

Java must be installed (Most Operating Systems have it by default)

Java 3D must be installed (Downloadable from sun.com, see References)

For more complex 3D views, a large amount of RAM is beneficial (minimum 64mb)

 

Running the Client

 

Once these requirements are met, running the client is simply a matter of running client.jar.

On most Operating Systems, this can be done by double-clicking on the file.

If this doesn’t work, type

java -jar client.jar

at a command prompt in the directory that client.jar is stored.

For answers to further problems see “Troubleshooting”.


 

Getting Started: Queuing a Scan

 

Now that the program is running, you should be greeted with a screen similar to fig 1.0.

As the Message suggests, the first step is to tell the client what server to use.

In the highlighted text box on the top-right, enter the IP address or domain name of the computer on which you installed the server. If you installed the server on this computer, then you can leave the entry localhost intact. When you’ve entered the correct address, click Apply.

 

The client will now attempt to contact the server and make a connection.

If this is successful, a message will be displayed telling you so, otherwise an error message telling you the reason will be displayed.

The list labelled “Available Maps on Server” is usually filled with any previously saved network maps, but will be empty on first use.

 

We’re now ready to do our first scan. We have two options: New Scan… and Auto Scan.

 

Auto Scan attempts to automatically map out a small area of your network near your computer and display it. It can be useful if you don’t know where to start scanning your network. You simply click the button, and wait for the results.

 

New Scan… is where most of your network scans will be started.

When you click the button, a new window similar to fig 2.0 is displayed.

The information you enter in this box decides how the scan will be carried.

 

In Target Range type the computers you wish to scan.

These can take the form of IP Addresses, domain names, or IP Address ranges.

An IP Address range is defined as an IP Address with an asterisk replacing one or more of the octets.

It can also be defined as an IP Address followed by a forward-slash and a mask in the range 0-32.

All these entries should be separated by a space.

E.g.

 

136.206.15.* www.dcu.ie 136.206.218.1/24


 

In Port Range type the numbers of the TCP ports you wish to scan.

You type at least one number here.

The Port Range takes the form of comma-separated numbers between 1 and 655535, and/or pairs of numbers separated by a dash, indicating a range of ports. E.g.

 

1-100,135,6667,8080,9000-10000,23456

 

In Save Scan As, type the name by which you wish to recognise this scan.

It can be any string that represents a valid filename on the computer that the server is running on.  E.g.

 

Scan of Marketing Department

 

The next option is OS Detection. It is a good idea to leave this enabled, as it gathers useful information about the Operating System of the hosts scanned. Disable it if you don’t need this information, or you require a faster scan.

 

The Ping First option greatly increases the speed of the scan. It attempts to “ping” a host to see if it’s running, before doing a full scan. It prevents scans of non-existent hosts being carried out. However, some hosts are set up not to reply to pings, and may be missed in a scan as a result. If you feel that important hosts are being missed, disable this option. Otherwise, leave it enabled.

 

When you feel you’ve entered the correct data, click Queue Scan.

This sends a request to the server telling it to carry out your scan.

Scans of this type can take quite a long time, especially when there are a large number of hosts to be scanned.

Now that the server is scanning, you can close the client if you wish and carry out your usual work. When the scan is finished, it is stored on the server, ready to be viewed.

The next time you start the client and connect to the server, this scan will be on the Available Maps on Server list.


 

Fig 1.0

 

Fig 2.0


 

Viewing a Map

 

 To load a Map, highlight it on the list, and then click the button “Load”.

After a few seconds you should see a 3D Map of the network on the left-hand side.

(See fig 3.0)

 

Use the controls below to pan, rotate and zoom the map. The circle button on the right resets the view. Alternatively, click and drag the map to position it with your mouse.

 

On the Map, hosts are represented by blue cubes; the connections between them are represented by green cylinders.

 

 


 

Fig 3.0

 

Fig 4.0


Host Information

 

If you click on a host (cube), information about it will be displayed on the Information tab on the right-hand side. (See fig 4.0)

 

In Host Information various properties of the selected host are displayed.

In the User Supplied Information box, you can supply any supplemental information you like, just click Update when you’re finished.

 

Connected Hosts shows which hosts are connected to the current one.

You can click on the blue entries to see information about them.

 

Open TCP Ports shows the TCP services found on the selected host.

You can choose a port and attempt to connect to it using a protocol handler from the drop down list. Currently Telnet and HTML Browser are supported. Press the Go button to connect.

 

Finally there are two buttons that affect the map in relation to the current host.

 

Remove Host and Children removes the current host, all its connections, and all hosts branching from it. It can be useful to remove unwanted information from a cluttered Map.

 

Make This Host the Centre Re-draws the map with the currently selected host at the centre.

This can be very useful if the map is unbalanced, allowing you to place an important gateway or server at the centre of the Map.


 

Connection Information

 

If you click on a connection (cylinder), information about it will be displayed on the Information tab on the right-hand side. (See fig 5.0)

 

In Connection Information properties of the logical connection between two hosts are displayed.

It displays the IP Addresses of the two hosts, which you can click on to see information about them.

(Brings up the Host Information panel described previously)

 

It displays the Latency of the connection in milliseconds.

 

It also allows you to supply any supplemental information about the connection you may have, in a similar fashion to that described for hosts.

 

Statistics

 

More information about the network is displayed on the Statistics tab.

(See fig 6.0)

It shows what percent of hosts in the map have certain ports open,

and what percent of hosts run which Operating System.

 


Fig 5.0

 

Fig 6.0


3D View Options

 

Now we’ll look at customising the Map to make it more visually understandable and useful.The 3D View Options tab is split into two areas:

Branching Algorithm Options and Map Coloring Options

(See fig 7.0)

 

When a Map is loaded, it is laid out using a “Branching Algorithm”. This Algorithm decides where to place the hosts on the Map according to certain properties, which can be adjusted by the user. These properties are described below:

Branch Radius

This is the distance between a host and the hosts connected to it. Increasing this value generally makes the Map larger and less cluttered.

 

Branch Radius Fall Off

This is a measure of how much the Branch Radius decreases as a function of how many hops away from the root host it is. It is measured in percent. Making this zero keeps a constant Branch Radius for all hosts, which may result in cluttering. A level of around 60 percent is usually ideal, assuming the bulk of the network is towards the centre of the Map.

 

Minimum Branch Radius

If the Branch Radius Fall Off is set too high, the Branch Radius can quickly dwindle to nothing, making the Map once again cluttered. This property is the absolute minimum the Branch Radius will be, regardless of the Branch Radius Fall Off.

 

Repellance

The branching algorithm used in this application is called “Sphere Tree”, as it tends to lay out the hosts in spheres around their parents host in the tree. Increasing the Repellance of a map causes the Branching Algorithm to behave more like the “Cone Tree” algorithm. The “Cone Tree” algorithm lays out the hosts in cones emanating from their parent hosts in the tree. This property’s default value is zero, and it’s only necessary to change it if you prefer the “Cone Tree” style layout.

 

When you’ve changed the values of the properties to your satisfaction, click Apply. The changes are then applied to the map. This may take a while, and it is one of the most memory intensive aspects of the program.

If you decide against changing the values, click Reset to reset them to the current values of the Map being displayed.


Fig 7.0

 

Fig 8.0


Map Coloring Options

 

This area represents some of the most useful functionality of the program.

It allows you to color the map according to your own criteria.

 

The first button Reset Map Colors to Defaults restores the familiar blue and green coloring to the Map. (See fig 8.0)

 

The next five lines of widgets perform in similar ways.

In each case you start by clicking the Color button, and choosing a color from the dialog box.

 

Then enter the criterion that you want to color the map by in the combo box.

Then click Apply.

 

For example, if you wanted to highlight all the web servers on the map, you would click Color to choose a color, enter 80 in the combo box, and then click Apply. The map is re-drawn as in fig 9.0.

 

The Port Open box can contain any number between 1 and 655535.

The OS Contains box can contain any string. It is not case sensitive.

The IP Contains box can contain any part of an IP Address.

The Domain Contains box can contain any part of a valid domain name.

The Latency greater than box can contain any positive number. It allows you to color the connections according to their ping latency.


Fig 9.0


 

Managing Maps

 

Now that you’ve modified your map, you might want to save these changes back to the server. All the map management functions are carried out form the Manage Maps tab. (See fig 3.0)

 

We’ve already discussed some of these buttons above, so we’ll continue from there:

 

Delete deletes the Map selected from the list of available Maps.

 

Rename renames a Map, prompting the user for a new name first.

 

Refresh List Contacts the server to see if any more Maps are available.

Maps become available as queued scans are finished on the server.

 

Save Current Map takes your newly modified Map and saves it to the server, including color, layout, and user supplied information.

 

Reload Current Map loads the map your looking at back from the server, effectively clearing any changes you’ve made since you last saved it.

 


 

Server Installation

 

Requirements

·        Java

·        NMAP

·        Traceroute

 

The Server is written in Java, but interfaces with the native programs NMAP and Traceroute. As a result it is more Operating System Dependant.

At the time of writing the server can only be run on Unix-like systems,

Because the underlying program NMAP does not run well on other platforms,

And the traceroute program used by the server is not compatible with that of other platforms. That said, it will happily run on Linux or Solaris for example, and possibly other OS’s.

 

To install the server, login as root, and run the server.install shell script from the installation medium. Supply some simple information, like the directory to install to, and then wait for the program to install.

 

To start the server, run the script server.run as root from the install directory.

See your OS documentation on how to make it start at boot time.

 

It is recommended that the server be run on a server machine on the target network that is well connected to the rest of the network and has plenty of bandwidth. Note that some people find network scans intrusive or aggressive, so make sure you have the permission to run network scans from the server machine.

 


Troubleshooting

 

I can’t start the client

Do you have up to date Java installed? Download the latest version of the Java JRE from Sun Microsystems (See References)

Re-read “Running The Client” above and verify that you’ve done it correctly.

Is the java program in your current path? See OS documentation for details.

 

I get an error message when I start the Client

Do you have Java 3D installed? Download the latest version of the Java 3D from Sun Microsystems (See References).

 

I can’t connect to the server

Have you entered the correct address?

Have you installed and run the server on the specified address?

Is there a firewall or proxy blocking your access to the server?

Is your network connection working?

Is the servers network connection working?

Check all the above until you find the problem.

 

I run out of Memory manipulating a Map

The 3D graphics in the program computationally and memory intensive.

To allocate more memory to the client, run it with the following options:

 

java -Xms64m -Xmx128m -jar client.jar

 

Where 64 represents a minimum of 64 megabytes being allocated to the client, and 128 represents a maximum of 128 megabytes being allocated.

 


References

 

Download Java

 http://www.java.com/en/download/manual.jsp

 

http://www.mirror.ac.uk/sites/ftp.blackdown.org/java-linux/

 

Download Java 3D

http://java.sun.com/products/java-media/3D/download.html

 

http://www.mirror.ac.uk/sites/ftp.blackdown.org/java-linux/