ipaudit-web is network monitoring software that tracks and displays network activity through graphical reports, accessible via the web interface. It collects traffic summaries and can help monitor network usage.
IPAudit-Web is a software that logs network activity, maintains traffic summaries, and presents accessible graphs and reports through the web. It is particularly useful for identifying users who consume a lot of bandwidth, as well as DoS attacks and scans.
One can install IPAudit in a distribution-specific binary package or compile it from a source. IPAudit requires the pcap packet library installed to compile the software. One can either download and compile the "classic" source code from LBNL Network Research Group or a newer version of the pcap library from tcpdump.org.
IPAudit is a useful tool for monitoring network activity for various purposes. It is particularly helpful in identifying intrusion detection and denial of service attacks. Many people utilize IPAudit in shifts. Every 30 minutes, a new instance of IPAudit is launched in the background, and the previous instance is killed. The previous instance creates a file that describes the network activity for the past 30 minutes before it dies. Perl scripts parse this file to make a web-viewable report.
IPAudit currently monitors a 45MB link averaging at about 1/3 capacity on a Pentium II/333 running Linux 2.2.13. Average CPU usage is around 10% and peaks at around the half-hour mark.
IPAudit can be used with IPAudit-Web, a collection of cron and web-cgi scripts for data gathering and report creation. However, note that the separate IPAudit-Web distribution is not yet available. Instead, you can obtain web-cgi scripts from ipaudit-0.93b4.tgz.
In the latest release, IPAudit has corrected for the packet double count and double write when packets travel between two monitored interfaces. Additionally, the new -M option allows users to turn off correction for multiple devices.
One can install IPAudit in a distribution-specific binary package or compile it from a source. IPAudit requires the pcap packet library installed to compile the software. One can either download and compile the "classic" source code from LBNL Network Research Group or a newer version of the pcap library from tcpdump.org.
IPAudit is a useful tool for monitoring network activity for various purposes. It is particularly helpful in identifying intrusion detection and denial of service attacks. Many people utilize IPAudit in shifts. Every 30 minutes, a new instance of IPAudit is launched in the background, and the previous instance is killed. The previous instance creates a file that describes the network activity for the past 30 minutes before it dies. Perl scripts parse this file to make a web-viewable report.
IPAudit currently monitors a 45MB link averaging at about 1/3 capacity on a Pentium II/333 running Linux 2.2.13. Average CPU usage is around 10% and peaks at around the half-hour mark.
IPAudit can be used with IPAudit-Web, a collection of cron and web-cgi scripts for data gathering and report creation. However, note that the separate IPAudit-Web distribution is not yet available. Instead, you can obtain web-cgi scripts from ipaudit-0.93b4.tgz.
In the latest release, IPAudit has corrected for the packet double count and double write when packets travel between two monitored interfaces. Additionally, the new -M option allows users to turn off correction for multiple devices.
What's New
Version 0.95: N/A