Netifera

From aldeid
Jump to: navigation, search
Netifera.png

Description

What is Netifera?

Netifera is a network scanner capable of passive scanning (scan of a pcap file, live network sniffing) as well as active scanning (entity port scan). It enables to identify hosts on the network.

Architecture in a nutshell

Netifera-architecture.png

Here is the way objects are organized within Netifera:

  • A workspace is the global container.
  • This latest is divided into spaces to enable the isolation of netblocks.
  • Each space contains entities (hosts, hardware, ...) detected by the sniffer

Installation

Installation of Netifera

$ cd /data/src/
$ wget http://netifera.com/download/netifera-1.0-linux.gtk.x86.zip
$ unzip netifera-1.0-linux.gtk.x86.zip
$ mkdir -p /pentest/scanners/
$ mv netifera /pentest/scanners/

Installation of the backdoor

For Netifera to be able to sniff, you need to install the backdoor. To install it, run:

$ cd /pentest/scanners/netifera/
$ sudo ./backdoor_install.sh

To be able to sniff, you usually need root privileges. This backdoor has been developed to enable sniffing without starting Netifera as root.

Netifera-backdoor-installation.png

Usage

Start netifera

$ cd /pentest/scanners/netifera/
$ ./netifera

Interface

Menu

  • File
    • New Space: Create a new space (add a tab in the existing workspace)
    • Open Space: Load list of existing spaces
    • Open WorkSpace: Popup a window with the list of existing workspaces
    • New Workspace: Popup a window with a form enabling to name the workspace to create
    • Exit: Quit the application
  • Window
    • Preferences: Open preferences window (terminal buffer lines, serial timeout, network timeout)
    • Open View
      • Tasks: Load the Tasks view
      • Other: Popup a window with list of views
    • Open Perspective: Popup a window with the list of existing perspectives (default: Sniffing, Tools)
      • Other: Popup a window with the list of existing perspectives
    • Show Perspective: Same as open perspectives
    • Reset Perspective: Resets perspectives to default
    • Close Perspective: Close currently active perspective
    • Close All Perspectives: Close all opened perspectives
    • Show View Menu
  • Help
    • About: Show splash screen with installed version

Toolbars

Tools toolbar (top left)

This toolbar is shown when the Tools perspective is loaded.

Netifera-toolbar-top-left.png

The top left toolbar enables to:

  • Add a new space
  • Open an existing workspace
  • Create a new workspace
  • Manually add new entities to a space, using the input field. The input bar understands inputs in the following formats:
  • IP address: e.g. 192.168.100.1
  • Netblock in CIDR notation: 192.168.100.0/24
  • HTTP URLs: http://www.aldeid.com/
  • Email address: [email protected]
  • Domain: .aldeid.com

Sniffing toolbar (top left)

Netifera-toolbar-top-left-sniffing.png

This toolbar is shown when the Sniffing perspective is loaded.

Icons on this toolbar enable to:

  • Create a new space
  • Open an existing workspace
  • Create a new workspace
  • Stop a live capture
  • Start a live capture
  • Configure sniffing service
  • Open a packet capture file (*.pcap file)
Netifera capture options

Options available in the sniffer configuration:

  • Network interfaces: Select the interfaces to use for the capture
  • Sniffing modules:
    • DNS Sniffer
    • Passive OS fingerprinting
    • HTTP Sniffer
    • ARP Information Gathering
    • Passive Service Detector

Perspective toolbar (top right)

Netifera-toolbar-top-right.png

This toolbar enables to switch between perspectives. Two default perspectives are loaded:

  • Tools
  • Sniffing

Other tools (bottom left)

Netifera-toolbar-bottom-left.png

The icons in this toolbars are:

  • Fast view: enable to change current view
  • Console: display log/debugging window
  • Probe list: display list of probes
  • Space list: display list of spaces

Memory (bottom right)

Netifera-toolbar-bottom-right.png

Netifera is developed in Java and is launched with a limited amount of memory. This indicator shows live memory usage. To reset the memory stack, click on the trash icon.

Space

Netifera - Space

This shows the spaces that have been created (tabs). On each space, the list of entities is displayed.

By moving the mouse over an entity, a menu is displayed:

  • Reverse DNS Lookup
  • Discover TCP Services
  • Discover UDP Services
  • Create netblock */16
  • Create netblock */24

This menu also contains icons to:

  • Scan common TCP/UDP ports
  • Add a tag
  • Remove the entity from the space
Info.png
Note
Notice that tags are used to group entities. If many entities have the same tag, they will be grouped in the same folder.

Tasks

Netifera - Tasks

By clicking on options from the entity menu, it executes tasks.

For each task, there is a progress bar as well as a task output in this view.

Comments

Talk:Netifera