Network Tracker 
If you are interested in my
projects please
contact
me,
I will be pleased to help
you. All of my projects are open source.
Network Tracker is a user (MAC)
tracker daemon, for big LANs
(campus networks).
trackerd builds a table which records which user is
connected on which port of a switch by scanning the devices with SNMP
in your inventory which is in a MySQL database. trackerd keeps that
table up-to-date by scanning the network regularly.
Thus,
you will have the opportunity to know
exactly where a user (MAC, IP, UID) is connected on your network.
Your devices are also checked
with ping and SNMP, and you are
informed with e-mail when any of the devices is not alive.
More over, you may produce various reports about your network
infrastructure on the web (cgi) or by using other tools.
Network
tracker eases especially to find and
shutdown the switch port of the users, when their PCs on the network
start to spread viruses or warms using lots of bandwith; so you are
able to stop that kind harmfull traffic on the network.
It lets you know the
exact number of active wired (LAN) and wireless (WLAN) machines on your
network.
New version tracker 0.5 2007.01.29
New
features:
- trackerd is now
multi threaded, so it runs very fast. A new thread is created for
each network device.
- It tracks wireless access points also.
-
Produces gnuplot graphics (like MRTG) for current number of users both
for LAN and WLAN.
- tracker accepts MAC address in free format (xx:xx..., xx-xx...,
xxxx.xxxx...)
- imroved mysql database create script.
For my campus network a mac tracking process was taking
approximately one hour, now it takes only 2
minutes for (160 switch and 120 access points).
See the new screenshots at the screenshots section below.
tracker version 0.4.3 2006.04.09
- New feature: Tracking history
was added.
Two new fields has been added into the settings table:
HistoryCount and
LocalHistoryCount
HistoryCount defines how many records will be stored in the database
for each MAC address.
LocalHistoryCount defines how many times, total numbers of MAC found in
tracking process will be stored in the database for statistical purpose.
- When a MAC is not found in
LDAP, then the "uid" field in the
database is set to "notfound"; reported by Baris TUMER
[baristumer@sabanciuniv.edu]
tracker version 0.4.2.1
tracker 2005.06.06
- An error which prevented
creation of the database corrected
(mysql_install file), reported by
[mvillar.averroes@juntadeandalucia.es]
tracker version 0.4.2 tracker
2005.06.02
- A new script "trackersnmp"
was added into the project.
trackersnmp is used to shutdown/open a siwtch interface by a MAC or an
IP address using SNMP.
- With a new snortsam
plugin
"snmp_interface_down" both projects are integrated.
Now, Snort
can stop effectively any
local intruder by shutting down its switch port using these two
programs.
- trackerdbgui gets an optional MySQL username (and then asks for the
password) which probably
have write access, otherwise, the default credentials in the
/etc/trackerdbgui.conf are used.
All the SQL transactions are logged into the /var/log/trackerdbgui.log
file.
- Defining the running period of the MAC tracking process was changed.
- Minor bug fixes.
tracker version 0.4 2004.12.28
- added trackerdbgui (gtk2) for
easy database operations
- added cgi reports into the project
- added some statistics into the tracker
- removed some bugs
- new english and turkish README and INSTALL files
- man pages
tracker version 0.3 2004.03.22
Screenshots
trackerdbgui
tracker
tracker1
trackersnmp
& tracker
tracker_gnuplot graphics
trackerd_reports
trackercgi_defective
devices
trackercgi_devices
trackercgi_devices_modules
trackercgi_modules
trackercgi_port_numbers
trackercgi_stock
Features
- Collects all the MAC addresses and port numbers from CAM tables of
the switches.
- Finds IP addresses of the MACs from ARP tables of the routers.
- Finds LDAP uid of the user.
- Check devices on the network with both ping and SNMP for better
reliability.
- The daemon sends 2 self check e-mail per day.
- Developped with C.
Platforms
I've tested on these platforms:
- Solaris 2.7
- Linux
- Tested with Cisco switches, access points and routers.
Download
2007.01.29 Download new
version
tracker-0.5.tar.gz
2006.04.14 Download tracker-0.4.3.tar.gz
2005.06.16 Download tracker-0.4.2.2.tar.gz
2005.06.06 Download
tracker-0.4.2.1.tar.gz
2005.06.02 Download
tracker-0.4.2.tar.gz
2004.03.22 Download
trackerd-0.4.tar.gz
2004.12.28 Download
trackerd-0.3.tar.gz
Requirements
Network Tracker uses the libraries below, you have to install them
before compiling:
- libping
- libcgi
- libesmtp
- net-snmp
- MySQL and client library
version >= 4 for multi threaded library
- open-ldap library and source files (optional)
- pkgconfig
- gnuplot binary
libping and libcgi are included
in the tar file.
Changelog
README
README.turkish
Network Tracker