DINO is a lightweight front end for network visualization. DINO, short for Drop In Network Observer, uses the open source network monitoring tools SiLK and Snort to create an easy-to-use dashboard for situational awareness.
DINO queries flow records stored by SiLK and creates graphs for items such as top talkers, incoming/outgoing and hourly traffic, top ports, and Snort alerts with their related flow records. Additionally, DINO can analyze and upload PCAP files created with tcpdump, create a summary report, and extract the files within the packet capture using tcpxtract.
- NetFlow Visualization: Flash-based NetFlow visualization
- Flow: Powerful SiLK backend available to advanced users
- IDS: Leveraging open source IDS tools
- IP GeoLocation: Plotting geographic locations of IP addresses in an interactive map
Figure 1: Top Talkers by Bytes
Figure 2: Monthly Traffic Overlays—Graph of NetFlow Data for October-December 2011
Figure 3: Map of IP Address to GeoLocation