Tvark 0.4 review
Tvark is a network monitoring tool (sniffer) with a GUI front-end, and is tied to a MySQL database. Tvark is necessarily resource-intensive. It is a multithreaded database utility for recording network traffic. As a consequence, it uses 100% of the CPU simply because of context-switching and packet handling. Additionally, using the database with Tvark on a high-traffic network will generate a great deal of stored data quite rapidly, hence the filtering options.
The database is set to record traffic based on the filtering options selected in the GUI. This will change in a future release so that database population will have its own filtering options without having to run the GUI.
What we are looking to provide is a forensic tool that meets two needs. First, an admin should be able to get a 'feel' for traffic on the network by running the GUI, and be able to determine traffic of interest quickly and visually. Second, a simple database of traffic information allows us, and anyone else, to build forensic modules that display traffic information in a customized (and thereby useful) way.
What's New in This Release:
Rename MIN/MAX to avoid name conflicts.
Avoid creating mutex before pthread_create to make some libcs happy.