Self Hosted Network Analyzer?
from asbestos@lemmy.world to selfhosted@lemmy.world on 10 May 10:44
https://lemmy.world/post/29425414

Do you have any recommendations for a self hosted network analyzer that can visualize all the device connected to a network, different subnets, etc, and perhaps show the flow of data for each network device?
I’m probably asking for too much but sometimes there are cool projects out there that aren’t easy to find.

#selfhosted

threaded - newest

axum@lemmy.blahaj.zone on 10 May 10:49 next collapse

The closest project to this that I can think of would be Netbox

JasonDJ@lemmy.zip on 10 May 14:58 collapse

Netbox is a documentation tool. You can plug in Napalm to do some stuff but it mostly exists to catalog the intended state of the network.

It’s a wonderfully powerful tool, and Stretch has done a great job with it…but it’s not an analysis tool, it’s documentation.

Stretch is a pretty cool guy too. He strikes me as the kind of person that really wants to help colleagues “see the light” of the role Python and FOSS can play in network automation and maintenance. I respect that, a lot…finding enjoyment in the way you do things, and wanting to share that with other people.

Eideen@lemmy.world on 10 May 11:21 next collapse

SNMP monitoring can give you a realtime visualize all the device connected to a network, different subnets, etc, and show the flow of data for each network device.

www.librenms.org

mbirth@lemmy.ml on 10 May 16:57 next collapse

There’s also The Dude - although it’s a Windows-only application. But the visualisation is great.

<img alt="" src="https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Fmikrotik.com%2Fimg%2Fmt%2Fv2%2Fdude%2F1f.png">

peregus@lemmy.world on 11 May 06:43 collapse

Can it discover non Mikrotik devices?

mbirth@lemmy.ml on 11 May 10:26 collapse

The version I had played around with about 10 years ago could.

peregus@lemmy.world on 11 May 12:01 collapse

I’ve used about 10 years ago too, but I’ve heard that now it needs a Mikrotik device but I’ve nver had the time to test it

umbrella@lemmy.ml on 10 May 23:18 collapse

also zabbix

catloaf@lemm.ee on 10 May 12:27 next collapse

This really depends on your network hardware. At a minimum it’ll need to support snmp and you can build something in zabbix, or preferably it’ll support netflow.

Geodad@lemm.ee on 10 May 13:35 next collapse

Can’t you just use Kali for that?

sugar_in_your_tea@sh.itjust.works on 10 May 15:14 collapse

Depending on how you intend to use Kali, that’s either a bad idea or a terrible idea. Don’t use Kali bo for long running processes.

Just get a router with that feature or flash a firmware with that feature.

taaz@biglemmowski.win on 10 May 14:01 next collapse

There is also github.com/jokob-sk/NetAlertX

oscillator@slrpnk.net on 10 May 15:29 collapse

This is cool, thanks

tatterdemalion@programming.dev on 10 May 14:20 next collapse

ntopng has all of that. I’m currently hosting it on my home router.

Cyber@feddit.uk on 10 May 15:56 collapse

+1 for this.

You need to see all the data flowing through a sensor to be able to map it, so a router / firewall is often the central point.

I run it as an addon for pfSense and it’ll show me all sorts of info.

If you setup the GeoIP you can see which countries your network’s connecting too… interesting for torrents…

Appoxo@lemmy.dbzer0.com on 10 May 18:11 collapse

What are your country hotspots for what kind of content? (e.g. if you primarily aquire movies, shows, anime, linux isos, misc.)

Cyber@feddit.uk on 10 May 18:58 collapse

It varies of course, but most of my torrents are movies and linux ISOs (for real)

I seed any Movies I leech at a 2:1 ratio… most are leeched from Europe, but I’ve had them from Canada, South America, Asia, but weirdly not many from North America.

I like to give back more to the Linux community, so I’m constantly seeding Arch & Mint ISOs (as that’s just what I’m using… maybe something Raspberry-ish) - they go everywhere.

I had a weird instance once where the same Chinese IP address was constantly re-downloading the same ISO. Could’ve been a VPN endpoint, but after I’d shared something like 40:1 there, I started using GeoIP to block it and similar regions I was uncomfortable with… so the world’s becoming smaller for me.

Appoxo@lemmy.dbzer0.com on 10 May 20:04 collapse

I see some US connections on my end but usually the South America, Europe and some lesser known countries around the world (Primarily private trackers with a healthy mix of movies and anime and rarely tv shows).
China comes up often for me.

irmadlad@lemmy.world on 10 May 21:13 next collapse

I’ll probably get boo’d but NetData covers just about everything I could want to monitor, and then some. If you don’t want to hook up to the mother ship, you can use the /v3 switch in the url on your homarr dash, or equal like:

https://netdata.mycoolserver.duckdns.org/v3

Also, as has been mentioned, ntopng is pretty awesome as well.

possiblylinux127@lemmy.zip on 10 May 21:18 next collapse

What are wanting to see and for what purpose?

interdimensionalmeme@lemmy.ml on 10 May 23:30 collapse

Unknown unknowns

lka1988@lemmy.dbzer0.com on 10 May 22:12 collapse

My UDM router does all of that.