
Net Vigilant: Software Requirement Specification

NET VIGILANT NETWORK MONITOR, Department Of Computer Science and Engineering, Washington University in Saint Louis

SOFTWARE REQUIREMENT SPECIFICATION

NET VIGILANT
NETWORK MONITOR

V1.1 Printed On: 3rd Dec 2007 C:\Washington University\ProjectDocument2.doc

Department Of Computer Science & Engineering, Washington University in Saint Louis

Submitted By Subharthi Paul, Madhuri Kulkarni

Table of Contents
1 INTRODUCTION
1.1 Abstract
1.2 Introduction
1.3 Product Overview
2 SPECIFIC REQUIREMENTS
2.1 External Interface Requirements
2.1.1 User Interfaces
2.1.2 Hardware Interfaces
2.1.3 Software Interfaces
2.1.4 Communications Protocols
2.2 Software Product Features
2.3 Software System Attributes
2.3.1 Reliability
2.3.2 Availability
2.3.3 Security
2.3.4 Maintainability
2.3.5 Portability
2.3.6 Performance
3 ADDITIONAL INFORMATION
3.1 Definitions, Acronyms and Abbreviations
3.2 References

INTRODUCTION

ABSTRACT
Packet sniffing or packet capture software is extensively used as a tool for protocol analysis and security. In protocol design research, such a tool comes in handy in analyzing, debugging and testing a new protocol implementation. In security, as is true for any tool, it may be used both in a positive way, to detect intrusions or attacks on a system, as well as in a malicious way, to hack for private and personal data of others. Even though the use of upper layer encryption techniques makes it difficult to gather data directly, these tools are important in learning about existing sessions, collecting encrypted data to launch offline attacks to generate the encryption key, and any such attack limited only by one's imagination. Hence, packet sniffer software is one of the most essential tools required to get started with any of the above mentioned activities.

The goal of our project is to write a packet sniffer, "Net Vigilant", capable of sniffing across wired and wireless interfaces and providing additional packet aggregation, filtering and analysis capabilities. The goal of the project is not to provide a novel approach towards sniffing on the network but rather to provide a basic understanding of the challenges involved in writing such software and also to build up from the knowledge and experience gained to design more advanced security tools.

INTRODUCTION
Packet sniffing is an essential activity for network engineers as well as security experts. If used in a positive way, it is the most essential tool for network analysis, protocol analysis, network troubleshooting, intrusion detection and hundreds of other such applications. The key challenge in writing such software is to collect raw packets directly from the interface cards and parse them to reveal useful information.

In normal network programming through sockets, a software module listens on a particular socket for packets intended for its use. Hence, a module wanting to sniff all packets would have to listen on all the TCP ports so that TCP does not throw away packets on finding no module attached to the intended port number in the packet. Also, each protocol layer performs filtering of the traffic: for example, any TCP control packet will not be passed above the TCP layer, any IP control packet is consumed by the IP layer, and so on. Moreover, the hardware network interface does an initial filtering of packets not intended for it. Hence, it is almost certain that the normal programming methods will not allow for the capabilities that we seek in packet sniffing software. The way out of this situation is to have some type of software hook which can gather packets before they are passed through the protocol layer processing.

Also, to be able to capture packets not intended for the current network interface, the software should set the interface to "promiscuous mode", provided such a mode is supported by the hardware and the device driver of the network card. The "software hook" that we mentioned above exists in UNIX as the PF_PACKET socket (libpcap library) and in Windows as the Winpcap library. In our work we make use of the Winpcap library to be able to capture raw packets from the interface.

The story does not end at being able to capture raw packets. In fact, it is the most basic step. There are certain hurdles in being able to correctly analyze the raw packets, which are nothing but a set of hexadecimal gibberish to the uninformed. There are challenges in being able to serialize the data coming in, in network byte order, for storage in the file system. Also, a major task is to provide an easy to use and elegant user interface for running the software as well as to present the packet data in a more human readable form.

With all this in mind, we designed "Net Vigilant", a packet sniffer and analyzer tool for wired and wireless interfaces. "Net Vigilant" has a state-of-the-art graphical user interface, designed on the .NET platform. All the code has been written in C# over the .NET platform to ensure interoperability across Windows systems.

It may be argued that such tools already exist in plenty and that a new endeavor may not be justified. However, "Net Vigilant" has been designed to be the stepping stone for further design of more complicated tools and also a learning experience for novice programmers to design and implement their own network software. It is basically the foundation bed for more advanced innovations in the future.

1.1 Product Overview
The project will be implemented in Microsoft .NET technologies using the C# language. Following are some of the functionalities we will implement:

Basic Functionality:
1. Network Monitor (Basic packet capture)
2. Packet Filtering
3. Network Utilities (Ping, TCP Statistics, UDP Statistics)
4. Packet Analysis
5. Graphical Interface

Advanced Functionality:
Although the advanced functionalities are not a part of the project, we plan to implement them in future.

1. Port Scanner
Port Scanner will provide basic functionality of searching a network host for open ports. This will be used by administrators to check the security of their networks.

2. Network Mapping
The network mapping functionality will map the network and provide a network map.

3. Client Configuration Monitor
Client configuration monitor will provide the list of processes, resources and the status of a node on the network.

Please note that the advanced functionality is not a part of the project and will be implemented only if time permits.

2 SPECIFIC REQUIREMENTS

2.1 External Interface Requirements:

2.1.1 User Interfaces
Help and Tooltips are available for easy understanding.
Graphical interface is available for ease and convenience of the user.
Most functions require mouse click thus simplifying operations.
Tools strip menu is available for faster access of menus.
Shortcut keys are available for experienced users.

2.1.2 Hardware Interfaces
Mouse is required for use of application
Keyboard is required for use of application
Monitor is required for use of application
Network interface card is required for packet capture
1.5 MB of hard disk space.
1 GB RAM (Random Access Memory).

2.1.3 Software Interfaces
This software requires following software interfaces:
WinPcap V4.0.1
.NET Framework 2.0
SharpPcap V1.5

2.1.4 Communications Protocols
Net Vigilant should capture packets on wired as well as wireless networks.

2.2 Software Product Features
The following features are included in Net Vigilant Network Monitor:

a) Network Monitor for wired networks (Ethernet)
This feature will provide the facility to capture network packets. The details of the packet will be listed in a table. These packets can be stored in XML serialized formats. Packets can be retrieved later for viewing and analysis.

b) Network monitor for wireless networks (802.11)
This feature will provide the facility to capture network packets. The details of the packet will be listed in a table. These packets can be stored in XML serialized formats. Packets can be retrieved later for viewing and analysis.

c) Network Utilities (Ping, TCP Statistics, UDP Statistics)
The above mentioned utilities will be provided for network traffic analysis.

d) Packet Store/Retrieve
Packets can be stored in an XML file and later retrieved for viewing or analysis.

e) Packet Filtering
The packets can be filtered by protocol type: TCP (Transmission Control Protocol), UDP (User Datagram Protocol), ARP (Address Resolution Protocol), ICMP (Internet Control Message Protocol) and IGMP (Internet Group Management Protocol).

f) Windows based Graphical User Interface (GUI)
Windows based GUI for better user experience will be provided.
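The raw-packet analysis described in the Introduction and the protocol filter of feature e), as an added example that is not part of the Net Vigilant code base: it decodes Ethernet II frames in network byte order and filters them by the protocol types the specification lists. The function names and the sample frames are constructed for illustration.

```python
import struct

# Protocol numbers for the filter types named in the specification.
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
IP_PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}


def classify_frame(frame: bytes) -> dict:
    """Decode one raw Ethernet II frame and name its protocol."""
    if len(frame) < 14:
        return {"protocol": "TRUNCATED"}
    # "!" = network byte order (big-endian), as the fields arrive on the wire.
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"src_mac": src.hex(":"), "dst_mac": dst.hex(":"), "protocol": "OTHER"}
    if ethertype == ETHERTYPE_ARP:
        info["protocol"] = "ARP"
    elif ethertype == ETHERTYPE_IPV4 and len(frame) >= 34:
        ihl = (frame[14] & 0x0F) * 4              # IPv4 header length in bytes
        if ihl < 20:
            info["protocol"] = "MALFORMED"
            return info
        proto = frame[23]                         # IPv4 protocol field
        info["src_ip"] = ".".join(map(str, frame[26:30]))
        info["dst_ip"] = ".".join(map(str, frame[30:34]))
        info["protocol"] = IP_PROTOCOLS.get(proto, "OTHER")
        l4 = 14 + ihl                             # start of TCP/UDP header
        if proto in (6, 17) and len(frame) >= l4 + 4:
            info["src_port"], info["dst_port"] = struct.unpack("!HH", frame[l4:l4 + 4])
    return info


def filter_frames(frames, wanted):
    """Return decoded frames whose protocol is in the set `wanted`."""
    return [d for d in map(classify_frame, frames) if d["protocol"] in wanted]


# Constructed sample frames (documentation addresses, zeroed checksums).
def _eth(ethertype, payload):
    macs = bytes.fromhex("020000000002020000000001")   # dst, then src
    return macs + struct.pack("!H", ethertype) + payload

def _ipv4(proto, payload):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + payload

SAMPLE_FRAMES = [
    _eth(0x0800, _ipv4(6, struct.pack("!HH", 49152, 443) + bytes(16))),   # TCP
    _eth(0x0800, _ipv4(17, struct.pack("!HHHH", 53000, 53, 8, 0))),       # UDP
    _eth(0x0800, _ipv4(1, bytes([8, 0, 0, 0, 0, 0, 0, 1]))),              # ICMP
    _eth(0x0806, bytes(28)),                                              # ARP
]
```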

2.3 Software System Attributes:

2.3.1 Reliability
This software has been tested and found to be reliable.

2.3.2 Availability
Since this system has been tested for defects and fixed, the downtime is low and therefore is available.

2.3.3 Security
Security features are also provided by .NET.

2.3.4 Maintainability
Ease of maintenance is one of the advantages of .NET.

2.3.5 Portability
This application is supported on following Operating Systems: Windows 9X, Windows 2000, Windows Vista.

2.3.6 Performance
Performance of this application is good on a small network. It has yet to be tested on a larger network.

3 ADDITIONAL INFORMATION

3.1 Acronyms
UDP    User Datagram Protocol
TCP    Transmission Control Protocol
ARP    Address Resolution Protocol
ICMP   Internet Control Message Protocol
IGMP   Internet Group Message Protocol
XML    Extensible Markup Language
GB     Gigabytes
MB     Megabytes
RAM    Random Access Memory
IP     Internet Protocol
GUI    Graphical User Interface

3.2 References
