 |
|
| Windows Server Tips: |
|
|
|
WINDOWS SYSTEMS AND NETWORK ADMINISTRATION
SmartSniff freeware captures raw sockets, TCP/IP packets
Serdar Yegulalp, Contributor
06.12.2006
Rating: --- (out of 5)
|
Packet sniffers are among a network administrator's best friends. They can help pinpoint whether a problem exists with a client, a server, or somewhere in between.
Nir Sofer, author of many other excellent utilities I've covered in the past, has now written a sniffer of his own: SmartSniff.
SmartSniff can work in one of two ways.
Each separate ICMP, TCP or UDP connection is broken out individually and referred to as a stream. Multiple conversations on the same connection are aggregated into the same stream. SmartSniff's top panel lists all the streams captured by the application and shows every important piece of data you could need: local and remote address, hosts and ports; service type; number of packets exchanged, total data size and capture time.
Click on one of the conversations and the data in that conversation is displayed in the bottom panel. Data sent from your machine is in blue, while data sent to your machine is in purple.
Note: Remote host name lookups are only resolved after you stop recording (so that traffic doesn't get logged as well), and only 7-bit ASCII data is presented by default. If you select Options | "Display Characters Above ASCI
To continue reading for free, register below or login
To read more you must become a member of SearchWindowsServer.com
I 127," you'll see all the characters, but the color-coding on the display will vanish and the data might not be as coherent.
Nir Sofer's applications have a high degree of consistency in their presentation. For instance, if you double-click on one of the conversations, you get an expanded infobox that's the same as one he's written for other tools. The whole record buffer can be saved in both a native data format and to an HTML report, and both the display results and capture actions can have filters applied to them so you only record what you need to see.
About the author: Serdar Yegulalp is editor of the Windows Insight, (formerly the Windows Power Users Newsletter), a blog site devoted to hints, tips, tricks and news for users and administrators of Windows NT, Windows 2000, Windows XP, Windows Server 2003 and Vista. He has more than 12 years of Windows experience under his belt, and contributes regularly to SearchWinComputing.com and SearchSQLServer.com.
More information on this topic:
White Paper: TCP/IP for Windows 2000: Introduction to TCP/IP
Topics: Network Management
RSS: Sign up for our RSS feed to receive expert advice every day.
|
|
|
|
|
|
|
|
|
| TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of . |
|
| |
All Rights Reserved, , TechTarget |
|
|
|
|
|
