Skip to content
A 3D network connectivity visualisation tool for Mac OSX
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Interconnect.xcodeproj
Interconnect
.gitignore
README.md

README.md

Interconnect

Interconnect is a 3D visualisation tool for Mac OSX that monitors network traffic and displays the relationship between your machine and the hosts it is communicating with. Whilst primarily a novelty this can be useful for easily seeing communication with new, unexpected hosts (especially on unexpected port ranges) or simply understanding the total endpoints involved in serving a specific service such as a web page.

Hosts are grouped according to common metrics such as distance from localhost (in hop count or RTT), AS number or network. The size of each host is proportional to the total amount of traffic sent and received to/from it.

You can see a demo of Interconnect in action here.

Prerequisites

You will need to install libpcap (which you can get courtesy of installing a tool such as Wireshark) in order to use Interconnect. Additionally, the user with which you run Interconnect needs access to open /dev/bfp* devices. If you install Wireshark you'll end up with an access_bpf group to which you can add your normal OSX user via the "Users and Groups" system preference tool.

Features

Interface and Capture Rule Selection

As expected, Interconnect is able to capture on a variety of locally connected interfaces and to filter out unwanted traffic using standard BPF capture rule syntax (the same syntax used by tcmpdump and described by the pcap-filter man page).

One caveat is that the capture interface must have an IP address configured.

Configurable Host Groupings

Interconnect collects information on the hosts with which your machine communicates and attempts to capture data such as hostname, autonomous system (AS) number, hop count and round trip time (hop count information is only available if using one of the built-in traceroute style probing techniques).

In order to provide some context to communicating hosts they are grouped together using common metrics and clustered around a central point (the localhost). It is possible to group hosts based on:

  • hop count from localhost (if using a traceroute probe)
  • round-trip time to host
  • host AS
  • host network class

Display of Intermediate Hops

Interconnect tries to only display hosts that are the ultimate endpoint of an IP packet sent to or from your machine. When using a traceroute probe it is possible to also display all intermediate hosts (routers) which packets to the host must traverse. Due to assymetric routing this option has the same caveats as a normal traceroute: packets are not guaranteed to always take this route nor are packets returning from that host guaranteed to take that route.

You can’t perform that action at this time.