Project 3: NetWatch - Network Security Auditor

Project 3: NetWatch - Network Security Auditor

Concept: A security-focused script that scans your local network for active devices, audits open ports, and logs connection attempts to detect potential "intruders."

Core Requirements

Network Mapper: Use nmap or arp-scan to list all IP addresses currently connected to your Wi-Fi/Ethernet.

Port Vulnerability Check: A function that scans a specific IP (or localhost) to see which ports are open (e.g., SSH on 22, HTTP on 80) and flags unnecessary ones.

Connection Monitor: Real-time tracking of active "ESTABLISHED" connections using netstat or ss to see where your data is being sent.

Intruder Alert: A "Watchdog" mode that compares current connected devices against a whitelist.txt of known devices. If an unknown MAC address appears, trigger a desktop notification or a loud terminal beep.

Speed Test Integration: A scheduled command that pings a reliable server (like Google's 8.8.8.8) to log your latency and packet loss over time.

Summary

NetWatch shifts your focus toward Networking and Security. You will master essential networking tools like nmap, netstat, grep, and ping. This project is ideal for anyone interested in cybersecurity or DevOps, as it teaches you how to parse complex command output to identify patterns and potential threats. Since network data is often messy, you'll become an expert at using Regex (Regular Expressions) to clean up your reports.