AfterGlow Frequently Asked Questions

How do I start AfterGlow 1.x?
How can I draw a graph of my current network traffic?
What output format does AfterGlow support?
Is there more material talking about AfterGlow?

How do I start AfterGlow?

You just pipe a CSV file into the afterglow script...

cat file.csv | perl afterglow.pl -c color.properties > file.dot

The dot file you visualize using the AT&T GraphViz libraries.

How can I draw a graph of my current network traffic?

To get a picture of every 2000 packets running over interface ath0 on your machine, run the following:

while true; do \tcpdump -vttttnneli ath0 | \
./tcpdump2csv.pl "sip dip dport" | head -2000 | \
../graph/afterglow.pl -c color.properties -e 2 | neato -Tgif -o test.gif; done

(This assumes you are in the parser directory of afterglow and you have a color.properties file in that respective directory). If you have a picture viewer displaying test.gif, and the viewer automatically upates the picture after 2000 packets!

What output format does AfterGlow support?

GraphViz from AT&T and LGL in AfterGlow 1.x. AfterGlow 2.0 supports treemaps.

Is there more material talking about AfterGlow?

Well, Raffy gave a presentation at DefCon. and one at EuSecWest.