SMART uses Graphviz

SMART and the Interactive Demo require the Adobe SVG Viewer

If you use Firefox, we recommend using the IE Tab Add-on to render SVG using IE with the Adobe SVG Viewer. For Linux clients, use the mozilla browser with the Adobe SVG Viewer.

** This project is no longer active. This page remains for background in case others want to continue development of this or similar projects. **

What is SMART?

The Safe Mapping and Reporting Tool (SMART) is a completely passive network flow visualization tool for small to medium sized IP networks featuring device and operating system identification and network service enumeration. Written in Perl, SMART has been tested under Linux and Cygwin.

SMART is a project of the Research team for the Critical Infrastructure Assurance Group (CIAG) at Cisco Systems, Inc. (CIAG was eliminated as part of Cisco corporate restructuring in 2007/2008)

Motivation: Network Situational Awareness

SMART was initially developed for control systems and SCADA network operators, many of whom are migrating from legacy protocols to IP. Some of the IP-enabled devices now in use by utilities and other critical infrastructure sectors are known to fail when subjected to active network scanning tools commonly used in enterprise networks. This hinders network mapping and reduces network situational awareness. SMART helps identify active network services while also visually charting the protocol exchanges between end nodes without generating any network traffic.

SMART is run like a packet analyzer by connecting the SMART host to a hub or a SPAN port on a switch where it can inspect network traffic. SMART is intentionally light weight with no notion of signatures or rules beyond the simple ability to distinguish between local and remote hosts based on command line settings.

SMART can also process packet capture files from tools like tcpdump or ethereal/wireshark in pcap format, adding network flow visualization to your forensic toolkit.