OIP is a visualization in which individual machine IPs are placed randomly on a display, and packets are visualized as different-sized dots flowing from one machine to another.
OIP is primarily a server/client architecture. The server analyzes traffic on a given port and streams summaries to clients over a UDP session. The packets are encrypted using a shared AES key. The server should have two interfaces: one connected to a mirror interface, and the other used for the client connections.
The client can also be used as a stand-alone app by reading pcap files.
License: GPLv3, so enjoy and have fun.
You need to install these on Debian-based distros:
- apt-get install libcrypto++-dev libsdl-image1.2-dev libpcap-dev libsdl1.2-dev libfreetype6-dev g++ make
This is an update and modification of the forked OIP project from /eldraco on https://github.com/eldraco/oip to run on OS X Mountain Lion.
Original source code on: https://it.wiki.usu.edu/OIP
- -e argument to speed up the analysis of pcap files:
  - -e 1000 is normal
  - -e 100 is 10x faster
  - -e 10 is 100x faster
- -c argument to give the pcap file name on the command line. If you give a pcap file name, the analysis starts right away.
Pause/Play the capture by pressing the letter p.
- Red for UDP
- Green for TCP
- White for ICMP
- Unknown still
You can use the mouse and the keyboard.
- ! to open the menu
- , to start displaying the capture (Load button)
- p to pause and play the capture
Check out the master branch:
git clone firstname.lastname@example.org:markich/oip.git
make
Note: If you have any dependency errors, just install the missing dependencies.
oip.conf file to suit your needs (optional).