TNV depicts network traffic by visualizing packets and links between local and remote hosts.
Version: 0.3.7TNV stands for The Network Visualizer or Time-based Network Visualizer and depicts network traffic by visualizing packets and links between local and remote hosts.
Operating System: Linux
TNV is intended for network traffic analysis to facilitate learning what constitutes 'normal' activity on a network, investigating packet details security events, or network troubleshooting. TNV can open saved libpcap (from tcpdump, windump, ethereal, etc.) formatted files or capture live packets on the wire, and export data in libpcap format or save the data to a MySQL database to enable examining trends over time.
The main visualization shows remote hosts along the left side and a reorderable matrix of local hosts on the right, with links drawn between them. The local host matrix shows aggregated packet activity as background color, and shows network packets as triangles, with the point representing the directionality of the packet. Packets and links are color coded to protocol, and the user can optionally show the flags for TCP packets.
By selecting a cell within the matrix, representing a local host for a certain time period, the user can show either the packet details or the port activity related to that host. The main interaction mechanism for moving through the data is a scrollbar that sets the viewable selection, while at the same time showing areas of relative network activity in a bar graph - providing an overview of the entire data set with a more detailed display in the main visualization.
What's New in This Release:
· External data tools for doing URL queries or running scripts.
· Improved error handling.
· A potential capture dialog fix for Linux.
· A universal binary of the jpcap library for Mac PPC and Intel.