The role of NOBS
NOBS continuously monitors flowing packets so that it
- gives statistical data to network managers when requested,
- generates some network-related data to manage and detect
- reports the possibility of problems to network manager and the
other components of LODES, and
- captures a number of packets when the problems are detected for
subsequent diagnosis by this expert system or by human network managers.
The Managemnet Data genereated by NOBS
It is assumed that NOBS has the subnetmask and
broadcast address of the local network that are given by network managers.
NOBS then generates the following data only from packet observations.
(Furthermore, LAND componets connects to the local routers with SMNP
to obtain routing data and adjacent network address.)
- The list of routers in the local segment
- The list of DNS that the hosts in the local segment use.
- Active hosts
- The pairs of the MAC (Media Access Control) number and the IP
address of the active host (a number of IP addresses are
assigned dynamically by BOOTP/DHCP. This type of IP adddresses
are recognized as "dynamically assigned IP address")
- Servers (Working for Public Services) such as application proxy,
WWW servers, mail servers and directory services.
- Services that each host accepts (accepting TCP connection. such
as, TELNET, FTP, SSH, and RPC)
The Statistical Data genereated by NOBS
The Problematic situation detected by NOBS
Back to the LODES top page
Updated on July 22th, 1998.