
Overview
The Netmapper tool from the Distributed Analytics and Security Institute (DASI) at Mississippi State University is a network mapping tool with the following features:- Host discovery using the Nmap program and SNMP (v1/v2c/v3 support, SNMP functions are within Netmapper, not Nmap).
- Layer 3 topology discovery using SNMP and data retrieved via remote login.
- Layer 2 topology discovery using SNMP.
- Host role inference (such as Domain Controller, DNS, DHCP, WSUS, Yum server, etc.) for both Windows and Linux nodes from data retrieved via remote login. Supported OSes for remote login are Windows Server 2008/2012, Windows 7 and above, CentOS 6/7, and Ubuntu 12/14.
- Remote CLI login query for Cisco devices. Supported OSes are IOS, NX-OS, IOS-XR, IOS-XE, and ASA.
- Network Difference tool for comparing networks produced from different scans.
- Network Merge tool for merging networks from different scans to produce a larger network view.
- Encrypted credential storage.
- XML output format.
- Dynamic visualization (zoom/pan) of the network.
- Static visualization using PDF or Visio as the output file format, different options for controlling graph output.
- Graphical difference between a reference Visio file of the network and a scanned network.
- Command-line capability that supports automated regression testing of VMware Vapps.
Complete PDF documentation is available.
Video tutorials are available here.
The primary usage scenario for Netmapper is to scan physical networks in order to later replicate those networks and devices in a virtual environment for security testing. After the virtual network is built, Netmapper can scan the network and a graphical or textual difference can be performed as a validity check. Netmapper is principally GUI-driven, but also has a scripting capability that allows automated runs.