The rapid increase in network bandwidth from mega bits per second to giga bits per second and potentially to tera bits per second, is making it increasingly difficult to carry out in a timely and accurate manner, the analysis required to detect network abusers. The problem is made even more difficult with the devious techniques (e.g. spoofing) used by the hackers.
Network configuration information is useful in producing a visual map of the network complete in all details. The visual map is an essential component for network management and operations. It is also possible to generate an inventory report of a network. The invent0 y report describes the nodes, networks, interfaces, addresses, protocols, speeds, etc. and is a valuable component for network planning and administration.Unfortunately, network management is severely constrained in scope and effectiveness by the lack of any organized pool of network configuration information. I n this work we present results of our efforts to develop tools and techniques for automatically and mechanically synthesizing network configuration related information from the Internet. These techniques, we believe, will be instrumental in generating the pool of network configuration information.
Network fault management systems are mission-critical, for they are most needed during periods when part of the network is faulty. Distributed system-level diagnosis offers a practical and theoretically sound solution for fault-tolerant fault monitoring. It guarantees that faults don't impair the fault management process. Recently, results from the application of distributed system-level diagnosis applied for SNMP~based LAN fault management have been reported [1,2]. In this paper we expand those results by presenting a new algorithm for diagnosis of non-broadcast networks, applied to point-to-point network fault management. In the algorithm, nodes test links periodically, and disseminate link time-out information to all its fault-free neighbors in parallel. Upon receiving link timeout information a node computes which portion of the network has become unreachable. This approach is closer to reality than previous algorithms, for it is impossible to distinguish a faulty node from a node to which all routes are faulty. The diagnosis latency of the algorithm is optimal, as nodes report events in parallel, and latency is proportional to the diameter of the network. The dissemination step includes mechanisms to reduce the number of redundant messages introduced by the parallel strategy. We present a MIB for the algorithm, and a SNMP-based implementation. The evaluation of algorithm's impact on network performance, shows that the amount of bandwidth required is less than 0.1% for popular link capacities. We conclude demonstrating the integration of LAN and WAN fault diagnosis into a unified framework.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.