I am a final year undergrad student studying computing and information security. I am about to embark on my final year project, for which I have decided to try and create a network monitoring tool that visualizes the logs of the network traffic. I would like to point out that this is still a very young project but would like to ask for any pointers or advice.
I am currently thinking that I will build a piece of software in something like pearl that will call and run tcp dump from a server on the network. This will then log all entries to a data base or I i can read from p cap file s into a script which will help to display the data on a web interface from a host on the network..
have a lot to learn but some points in the correct direction would be great... like is pearl best to use should I dump everything into a data base or will it fall over if i chuck loads of data at it etc ...
your help is much appreciated