The wu program for linux (dowload here) invokes a depth-first search algorithm to help draw a router level heuristic map of a network. The map will get drawn on your console.

To help discover the network topology the program sends out "hop limited probes" in an imitation of the traceroute program. To analyse the results of the probes, and to decide which probes to send, the program uses at its core an algorithm that essentially tries to guess routing tables of routers, given the results of the probes. The program can then send probes down the next branches of the network, recursively.

The program also can try to guess whether some sort of load balancing is being used. It can make this guess if hop ips have a given number of bits the same. It will then interpret and draw these ips as one single branch of the tree. In addition, the program can guess whether a server or dialup "farm" exists on any branch of the network.

Since the program uses heuristics to guess network topology, it does not usually send probes to every node on a network. In addition, the program does not re-test nodes it has already visited. The heuristic map it generates is not necessarily accurate, but then again, it is impossible to accurately map a network with hop limited probes since network topology is dynamic.

The program's functionality could actually have been reproduced with a wrapper to many versions of the traceroute program that is out there (namely the ability to set first and maximum hop), but the libnet and libpcap libraries were used.


mail to: Colin Laney at net_mappingNOSPAM@yahoo.com

Make your own free website on Tripod.com