Advanced Network Security Monitoring Tool with Machine Learning capabilities.

mostaghell/Network-Sentinel

Network Sentinel

🌈 Advanced Network Security Monitoring Tool

Network Sentinel is a sophisticated network security monitoring tool that uses machine learning for threat detection and real-time network analysis.

🌟 What's New in 2.1.1

Enhanced Machine Learning

  • Advanced ensemble learning system
  • Improved anomaly detection
  • Better threat classification
  • Reduced false positives
  • Enhanced performance metrics

Improved Feature Analysis

  • Comprehensive packet analysis
  • Flow-based statistics
  • Protocol-specific features
  • Real-time pattern detection
  • Memory-efficient processing

Key Features

  • πŸ” Real-time packet analysis and threat detection
  • πŸ€– Machine Learning-based anomaly detection
  • 🚨 Advanced port scan detection (NULL, SYN, ACK scans)
  • πŸ“Š Live traffic monitoring and visualization
  • πŸ›‘οΈ Detection of common attack patterns
  • πŸ“ Detailed logging and reporting
  • πŸ” Secure storage of sensitive data
  • πŸ“ˆ Performance monitoring and optimization
  • Machine Learning Integration
  • Anomaly detection using Isolation Forest
  • Pattern recognition for attack detection
  • Adaptive threat detection with continuous learning
  • Real-time classification of threats
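
The scan types named in the feature list (NULL, SYN, ACK) differ only in the TCP flags carried by each probe. The sketch below is an added illustration, not Network Sentinel's own code: it classifies each packet by its flags and alerts when one source sends the same probe type to many distinct ports on a host inside a short window. The function names, the window and threshold values, and the sample packets are assumptions made for the example.

```python
from collections import defaultdict

# TCP flag bits from the TCP header
SYN, ACK = 0x02, 0x10

def probe_type(flags):
    """Return the scan style a lone TCP flags byte matches, else None."""
    flags &= 0x3F                      # ignore ECN bits
    if flags == 0:
        return "NULL"                  # no flags: not sent by a normal stack
    if flags == SYN:
        return "SYN"                   # connection attempt
    if flags == ACK:
        return "ACK"                   # bare ACK
    return None

def detect_scans(packets, window=10.0, min_ports=5):
    """packets: (ts, src, dst, dport, flags) tuples sorted by ts.
    Alert on (src, dst, kind) once src has sent that probe type to
    min_ports distinct ports on dst within `window` seconds."""
    recent = defaultdict(list)         # (src, dst, kind) -> [(ts, dport)]
    alerts = set()
    for ts, src, dst, dport, flags in packets:
        kind = probe_type(flags)
        if kind is None:
            continue
        hist = recent[(src, dst, kind)]
        hist.append((ts, dport))
        while ts - hist[0][0] > window:   # expire old observations
            hist.pop(0)
        if len({port for _, port in hist}) >= min_ports:
            alerts.add((src, dst, kind))
    return alerts

# Constructed sample traffic (documentation address ranges, assumed values)
T = "198.51.100.5"
SAMPLE = sorted(
    [(i * 0.1, "192.0.2.10", T, p, SYN) for i, p in enumerate([21, 22, 23, 25, 80, 443])]
    + [(i * 0.1, "192.0.2.20", T, p, 0) for i, p in enumerate([135, 139, 445, 3389, 5985])]
    + [(i * 0.1, "192.0.2.30", T, 443, ACK) for i in range(8)]   # one busy session
    + [(i * 30.0, "192.0.2.40", T, p, SYN) for i, p in enumerate([22, 80, 443, 25, 53])]
)

if __name__ == "__main__":
    for alert in sorted(detect_scans(SAMPLE)):
        print(alert)
```

Counting distinct ports rather than packets is what keeps the single busy session on port 443 and the occasional connections from 192.0.2.40 from raising alerts.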

Real-time Monitoring

  • Live packet analysis and inspection
  • Traffic visualization and statistics
  • Resource usage monitoring
  • Performance optimization
  • Automated alerts

Better Development Tools

  • Updated dependency management
  • Enhanced testing framework
  • Improved code quality tools
  • Better documentation
  • Security scanning integration

Advanced Threat Detection

  • Machine Learning-based analysis
  • Real-time packet inspection
  • Flow-based anomaly detection
  • Protocol-specific analysis
  • Adaptive threat detection

Performance Monitoring

  • CPU usage optimization
  • Memory management
  • Resource usage tracking
  • Performance metrics
  • Real-time statistics

Security Features

  • Enhanced scan detection
  • Flood attack prevention
  • Malware C2 detection
  • Secure data storage
  • Privilege management

👾 Technical Specifications

  • Python 3.8+ compatibility
  • Cross-platform support (Windows, Linux)
  • Modular architecture
  • Extensible plugin system
  • REST API support (upcoming)
  • ML-powered threat detection

Known Issues

  • High CPU usage during initial ML training
  • False positives in certain network conditions
  • Limited IPv6 support
  • Memory optimization needed for large networks

Upcoming Features

  • Enhanced ML model accuracy
  • GUI interface
  • Network topology mapping
  • Threat intelligence integration
  • Advanced reporting system
  • Cloud integration

πŸ› Reporting Issues

Bug Reports

  1. Go to Issues
  2. Click "New Issue"
  3. Select "🐛 Bug Report"
  4. Fill in the template with detailed information
  5. Include logs and screenshots if possible

Feature Requests

  1. Go to Issues
  2. Click "New Issue"
  3. Select "💡 Feature Request"
  4. Describe your feature idea
  5. Explain the use case and benefits

Created By

  • Author: D3F417
  • Team: RastaKhiz Team
  • Version: 2.1.0

  • Install system dependencies (Ubuntu/Debian)
    sudo apt-get update
    sudo apt-get install python3-dev python3-pip tcpdump wireshark
  • Clone repository
    git clone https://github.com/D3F417/network-sentinel.git
    cd network-sentinel
  • Create virtual environment
    python3 -m venv venv
    source venv/bin/activate
  • Install requirements
    pip install -r requirements.txt
  • Install package
    pip install -e .
  • Check if installed
    pip list | grep network-sentinel
  • Test CLI
    network-sentinel --help
  • List available interfaces
    sudo network-sentinel list-interfaces
  • Start monitoring (replace eth0 with your interface)
    sudo network-sentinel monitor -i eth0 -v

Windows

Windows Prerequisites

  1. Install Npcap:

    • Download from Npcap website
    • Run installer as administrator
    • Select "Install Npcap in WinPcap API-compatible Mode"
  2. Install Wireshark (optional but recommended):

    • Download from Wireshark website
    • This will provide the manufacturer database for better device identification
  • Open PowerShell as Administrator and run:
    Set-ExecutionPolicy RemoteSigned
  • Create virtual environment
    python -m venv venv
  • Activate (PowerShell)
    .\venv\Scripts\Activate.ps1
    Or CMD:
    venv\Scripts\activate.bat
  • Install requirements
    pip install -r requirements.txt
  • Install the package in development mode
    pip install -e .
  • Check if installed
    pip list | findstr network-sentinel
  • Test CLI
    network-sentinel --help
  • Open PowerShell as Administrator and list available interfaces
    network-sentinel list-interfaces
  • Start monitoring (replace "Wi-Fi" with your interface name)
    network-sentinel monitor -i "Wi-Fi" -v

Usage

List available interfaces

sudo network-sentinel list-interfaces

Start monitoring (replace eth0 with your interface)

sudo network-sentinel monitor -i eth0 -v

Authors

  • D3F417 - Initial work and maintenance - Sir-D3F417
  • RastaKhiz Team - Development Team

License

MIT

Uninstall on Windows

Stop the service if installed

Stop-Service NetworkSentinel -ErrorAction SilentlyContinue
pip uninstall network-sentinel -y

Remove configuration and data directories

Remove-Item -Path "$env:APPDATA\Network-Sentinel" -Recurse -Force -ErrorAction SilentlyContinue
Remove-Item -Path "$env:LOCALAPPDATA\Network-Sentinel" -Recurse -Force -ErrorAction SilentlyContinue

Remove logs

Remove-Item -Path ".\logs" -Recurse -Force -ErrorAction SilentlyContinue

Remove models

Remove-Item -Path ".\models" -Recurse -Force -ErrorAction SilentlyContinue

Remove session data

Remove-Item -Path "session_stats.json" -Force -ErrorAction SilentlyContinue
Remove-Item -Path ".enc" -Force -ErrorAction SilentlyContinue
