Healthcheck packet generator for the AMPT passive network tools monitor.
AMPT is a practical framework designed to aid those who operate network IDS sensors and similar passive security monitoring systems. A tailored approach is needed to actively monitor the health and functionality of devices that provide a service based on capturing and inspecting network traffic. AMPT supports these types of systems by allowing operators to validate traffic visibility and event logging on monitored network segments. Examples of systems that can benefit from this type of monitoring are:
See AMPT for more information on the AMPT framework and the problems it solves.
ampt-generator is the packet crafting component of the AMPT framework. It exposes a simple API service through which the AMPT manager requests that healthcheck IP packets be dispatched to monitored network segments. API requests are authenticated using HMAC and a simplistic replay counter. It is implemented in Python, uses the Scapy library for packet generation, currently supports Python 3, and is simple to deploy.
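How HMAC authentication combined with a replay counter can work is shown below as an added example; it is not ampt-generator's own code. The request layout, the field names (`counter`, `params`, `hmac`, `dest_addr`, `dest_port`, `proto`), the choice of SHA-256 and the key are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

def _mac(key: bytes, counter: int, params: dict) -> str:
    # Canonical JSON so both sides hash identical bytes; the counter is
    # covered by the MAC, so it cannot be changed without the key.
    msg = json.dumps({"counter": counter, "params": params},
                     sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def sign_request(key: bytes, counter: int, params: dict) -> dict:
    """Manager side: build a signed dispatch request (hypothetical format)."""
    return {"counter": counter, "params": params,
            "hmac": _mac(key, counter, params)}

class RequestVerifier:
    """Generator side: authenticate a request, then enforce the counter."""
    def __init__(self, key: bytes, last_counter: int = 0):
        self._key = key
        self.last_counter = last_counter  # highest counter accepted so far

    def verify(self, req: dict) -> str:
        counter, params, tag = req.get("counter"), req.get("params"), req.get("hmac")
        if (type(counter) is not int or not isinstance(params, dict)
                or not isinstance(tag, str)):
            return "malformed"
        # Check the MAC first, in constant time, so unauthenticated input
        # can never move the counter state.
        expected = _mac(self._key, counter, params).encode()
        if not hmac.compare_digest(expected, tag.encode("utf-8", "replace")):
            return "bad-hmac"
        # Strictly increasing counter: a captured request cannot be re-sent.
        if counter <= self.last_counter:
            return "replay"
        self.last_counter = counter
        return "ok"

# Constructed sample values for the demonstration.
KEY = b"constructed-demo-key"
PARAMS = {"dest_addr": "192.0.2.10", "dest_port": 9999, "proto": "tcp"}

def demo() -> list:
    v = RequestVerifier(KEY)
    first = sign_request(KEY, 1, PARAMS)
    forged = dict(first, counter=2)  # counter changed, MAC not recomputed
    wrong_key = sign_request(b"other-key", 3, PARAMS)
    return [v.verify(first), v.verify(first), v.verify(forged),
            v.verify(wrong_key), v.verify(sign_request(KEY, 2, PARAMS))]
```

The counter in this example lives in memory only; if it is not persisted, a restart resets it and previously captured requests would be accepted again.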
Other AMPT components include:
- ampt-manager - Management service for the AMPT passive network tools monitor
- ampt-monitor - Sensor alert monitor core package for the AMPT passive network tools monitor
See the Wiki for further documentation.