tag:blogger.com,1999:blog-85225886417402011392024-03-06T01:23:09.134-08:00SnifferClub - Free Packet Sniffer Software Download, Review, Howto's and ArticlesSnifferClub is a place we can download and discuss, free, hot, new, best packet sniffer software on the planet. Share packet sniffer knowledge, packet sniffer software reviews, packet sniffer software news.Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.comBlogger33125tag:blogger.com,1999:blog-8522588641740201139.post-25624099569782310402009-06-24T02:59:00.000-07:002009-06-24T03:07:18.273-07:00How to Detect Email Worm with Colasoft Packet Sniffer<strong>What Is an Email Worm</strong><br />In networking, an email worm is a computer worm which can copy itself to the shared folder in system. And it will keep sending infected emails to stochastic email addresses. In this way, it spreads fast via SMTP mail servers.<br /><p><br /><strong>What Is the Harm of Email Worm</strong><br /><br>An email worm can send lots of infected emails in a very short time and it will never stop unless it’s removed. It will cause a large traffic and make the system go slowly. Sometimes it even makes the mail server crash.<br /><p><br /><strong>How to Detect Email Worm</strong><br /><br>If you are suspicious some host in your network is infected with an email worm, here is a process how we can <strong><a href="http://blog.colasoft.com/how-to-detect-email-worm-with-colasoft-packet-sniffer/" title="how to detect email worm">detect email worm"</a></strong> in network with Colasoft <a title="Colasoft Packet Sniffer" href="http://www.colasoft.com/capsa/?prid=csblog" target="_blank">Packet Sniffer</a>, step by step.<br /><p><br />><em>Step1. <a title="Download Colasoft Packet Sniffer" href="http://www.colasoft.com/download/products/capsa.php?prid=csblog" target="_blank">Download a free trial</a> and <a title="deploy colasoft packet sniffer correct" href="http://www.colasoft.com/support/installation.php?prid=csblog" target="_blank">deploy it properly</a>.</em><br /><p><br />><em>Step2. Launch a Project and Start Capturing Some Traffic.</em><br /><p><br />><em>Step3. Switch to “Diagnosis” Tab</em><br /><br>Diagnosis tab is a view we can see all the network issues automatically detected by Colasoft Packet Sniffer, also some causes and solutions are suggested.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss1.gif"><img class="size-full wp-image-289" title="Click to View Large" src="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss1.gif" alt="Diagnosis Tab Screenshot" width="480" height="360" /></a><br /><p><br />If there is a host infected with an email worm, we should be able to see SMTP events in the application layer like this:<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss2.jpg"><img class="size-full wp-image-291" title="SMTP Events in Application Layer" src="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss2.jpg" alt="SMTP Events in Application Layer" width="401" height="138" /></a><br /><p><br />><em>Step4. Locate the Source IP</em><br /><br>Possibly the source IP is the host infected with an email worm as it is sending too many emails in a short period of time with SMTP. So let’s locate the source IP in the “Explorer” with the “Locate” shortcut in the right-click menu.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss3.gif"><img class="size-full wp-image-293" title="Click to view large" src="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss3.gif" alt="Locate Source IP" width="480" height="360" /></a><br /><p><br />><em>Step5. Switch to “Logs” Tab</em><br /><br>Check if the host is sending emails to a large number of recipients in a very short period of time. If so, we can determine the host is infected with an email worm and should be handled immediately. We should be able to see logs in the Tab like this:<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss4.jpg"><img class="size-full wp-image-294" title="View Email Logs in "Logs" Tab" src="http://blog.colasoft.com/wp-content/uploads/2009/06/detect-email-worm-ss4.jpg" alt="View Email Logs in "Logs" Tab" width="433" height="117" /></a><br /><p><br />No doubt the final step is to isolate the host and kill the email worm with some AV software<br /><p><br />Also there will be some other process to detect email worm with Colasoft Packet Sniffer, this is the shortest one.<br /><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-76958904697579158392009-06-17T03:23:00.000-07:002009-06-17T03:28:49.605-07:0014 Tips to Protect Your Organization's Network<a href="http://www.colasoft.com/?prid=00060003"><img id="Colasoft Network Analyzer" style="FLOAT: right; MARGIN: 0px 0px 10px 10px; WIDTH: 125px; CURSOR: hand; HEIGHT: 125px" alt="Colasoft Network Analyzer" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzXDf31PxtWyDSIyxcEAcsDHXg8Wt8d9BTo6BrdRijSBOSdD-Fm1j9KlBEk1nhxrMfxafyPVzSPZdSBF6bxO2efPTqaLgKmCVmfcOuxT3SsmP2Jg8c3TaJXLjbLtIiSkhf3aXk2U7spLD2/s400/125_125_2.gif" border="0" /></a><br /><p>Network security is an infinitely complex and dynamic subject, implementing these <a href="http://topnetworksniffers.blogspot.com/2009/06/14-tips-to-protect-your-organizations.html">simple measures </a>will go a long way to protecting your Organization's LAN.</p><br /><p>1,<strong> Run <a href="http://www.colasoft.com/?prid=00060003">Network Analyzer</a> Frequently.</strong>Recommend an easy-to-use network analyzer, <a href="http://www.colasoft.com/capsa/?prid=00060003">Colasoft Capsa</a>. </p><br /><p>2, <strong>Disable drives</strong>:Disable floppy drive access, USB ports and serial ports on networked computers.</p><br /><p>3,<strong> Restrict Permissions</strong>: Windows 2000 and 2003 server allow you to set permissions so that users can't run downloaded 'exe' or other executable files. </p><br /><p>4,<strong> Block Instant Messenger</strong>:IM and its cousins, ICQ and Yahoo Messenger, sends messages and attachments out to a server and then back to its clients. You lose control when this happens.</p><br /><p>5,<strong> Password Protect Your BIOS</strong>:A BIOS without an administrator password is an invitation to mischief. </p><br /><p>6,<strong> Run AV Software</strong>: Run anti-virus software on all your computers.</p><br /><p>7,<strong> Build Your Defenses</strong>: Install a firewall or a proxy server.</p><br /><p>8,<strong> Beware Of Attachments From Unknown, Untrusted Sources</strong>:Do not open attachments to email unless you trust the sender.</p><br /><p>9,<strong> Monitor Your Ports</strong>:Install a port monitor to prevent your ports from being scanned.</p><br /><p>10,<strong> Encrypt Wireless Access</strong>.</p><br /><p>11,<strong> Keep Back Office Systems Off The Organization Network</strong></p><br /><p>12,<strong> Require passwords to be changed frequently</strong></p><br /><p>13,<strong> Use CTRL+ALT+DEL to logon</strong></p><br /><p>14,<strong> Keep your networking skills up to date.</strong></p><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-83299060652232132632009-06-11T00:26:00.000-07:002009-06-11T00:34:54.345-07:00How to detect the network malfunction via the end-point view with Colasoft Packet Sniffer<P style="TEXT-ALIGN: left"><STRONG>Brief introduction about the Endpoint view in <A title="Colasoft Packet Sniffer 6.9" href="http://www.colasoft.com/capsa/?prid=00060001">Colasoft Packet Sniffer</A></STRONG> </P><br /><P style="TEXT-ALIGN: left">It is divided into Mac endpoint and IP endpoint in Colasoft 6.9. Users can detect the IP/Mac endpoint in the largest traffic in a short time by the endpoint analytics. And also, The system supply clear statistics of traffic ranking(Top 5 IP endpoint under HTTP protocol). <BR><BR>In the Endpoint view, we can see the specific traffic situation clearly of all the hosts(Including a network segment, a Mac address, and a IP address) in the currently network. Like the hosts with the largest total traffic, hosts that send/receive the largest traffic, hosts that send/receive the most packets, etc. <BR><BR>According to this information, we can confirm that if there are Broadcast / multicast storm, and help users detecting the network malfunctions about network slow, network disconnect, worm attack, DOS attack, and all the malfunctions besides. <BR><BR><STRONG>Application case study</STRONG> Once we meet the network malfunction or attack, what the most important thing we should pay attention to, is the currently total network traffic, sent/received traffic, network connection etc, to get a clear direction to find the problem. And, all of this information are included in the endpoint view in Colasoft Packet Sniffer 6.9(figure 1): <BR><BR><A href="https://egqdxw.blu.livefilestore.com/y1mNWiZV65j2wZEQwshKI76yZSBj2zrlVpkqHHps5IEA6OPZlF3sCuF7WCP5qDtG8fOayUYtomMRpXHXwRTrZFqHg1OafNbLX8pSfQFSHUuNjrjRH57z7sGk5QiX0psTRzbet-3jQ25BXC4g-6oMg1F4Q/Untitled-1.jpg" rel=WLPP;url=https://egqdxw.blu.livefilestore.com/y1mNWiZV65j2wZEQwshKI76yZSBj2zrlVpkqHHps5IEA6OPZlF3sCuF7WCP5qDtG8fOayUYtomMRpXHXwRTrZFqHg1OafNbLX8pSfQFSHUuNjrjRH57z7sGk5QiX0psTRzbet-3jQ25BXC4g-6oMg1F4Q/Untitled-1.jpg target=_blank><IMG alt="" src="https://egqdxw.blu.livefilestore.com/y1mNWiZV65j2wZEQwshKI76yZSBj2zrlVpkqHHps5IEA6OPZlF3sCuF7WCP5qDtG8fOayUYtomMRpXHXwRTrZFqHg1OafNbLX8pSfQFSHUuNjrjRH57z7sGk5QiX0psTRzbet-3jQ25BXC4g-6oMg1F4Q/Untitled-1.jpg"></A><A href="https://egqdxw.blu.livefilestore.com/y1m_gaHEK9AqAsYdu-TnZmVKAHAnfHI1kIFOJvnDGKv_1xsqzgjfK61XqXTUqUNXui_naoqaepPmu8Y2-4vpz1kI-h0yaMecM4bmtP1b747a7eFulZivGU82YGaNlOqxk64GFAFf0csZmHiWy-UEfBzgg/Untitled-2.jpg" rel=WLPP;url=https://egqdxw.blu.livefilestore.com/y1m_gaHEK9AqAsYdu-TnZmVKAHAnfHI1kIFOJvnDGKv_1xsqzgjfK61XqXTUqUNXui_naoqaepPmu8Y2-4vpz1kI-h0yaMecM4bmtP1b747a7eFulZivGU82YGaNlOqxk64GFAFf0csZmHiWy-UEfBzgg/Untitled-2.jpg target=_blank></A><A href="https://egqdxw.blu.livefilestore.com/y1mQrVNfc5QOFsJwyKaaaCsviEb9UPP0foMT3kScJ0TXuPVprNzBE9arAct3pk3YAcNAN3vWbazdU-WfQhEqdcITx6OlIliI9uoA6ZLaIe_wPNsSnD-8TNS_CuzFWhlNsP7oYwoxg5mrvGaKEac-QDC9A/Untitled-3.jpg" rel=WLPP;url=https://egqdxw.blu.livefilestore.com/y1mQrVNfc5QOFsJwyKaaaCsviEb9UPP0foMT3kScJ0TXuPVprNzBE9arAct3pk3YAcNAN3vWbazdU-WfQhEqdcITx6OlIliI9uoA6ZLaIe_wPNsSnD-8TNS_CuzFWhlNsP7oYwoxg5mrvGaKEac-QDC9A/Untitled-3.jpg target=_blank></A><A href="https://egqdxw.blu.livefilestore.com/y1miEiNMOyeedGUHC8L7rw0tzK3QTK4OsW4B0VL5620i7ZiU0xWIuonh0Uyd2DzA6fVaHWUmI5Ovh7BFlN6TFCsDHOBRX_fbHX116iCvsVKZb2ANtTifjtRyt2YdB9uWx2Kfw4-tjxgJMHx1tbUbCfQ-g/Untitled-4.jpg" rel=WLPP;url=https://egqdxw.blu.livefilestore.com/y1miEiNMOyeedGUHC8L7rw0tzK3QTK4OsW4B0VL5620i7ZiU0xWIuonh0Uyd2DzA6fVaHWUmI5Ovh7BFlN6TFCsDHOBRX_fbHX116iCvsVKZb2ANtTifjtRyt2YdB9uWx2Kfw4-tjxgJMHx1tbUbCfQ-g/Untitled-4.jpg target=_blank></A><BR><BR>In figure 1 we can make a compositor on the total traffic, network connection and other related information, to find and locate the host with largest traffic or most connections in the network. For example, at present, the host with the largest network connection is , we can locate the host, then check the related connection information(figure 2): <BR><BR>The connection information shown as the figure 2, we can know that has set up a large amount of TCP connection with other hosts, and the destination address and destination endpoint are indefinite, and Many of the state is to connect client requests synchronization. <BR><A href="https://egqdxw.blu.livefilestore.com/y1m_gaHEK9AqAsYdu-TnZmVKAHAnfHI1kIFOJvnDGKv_1xsqzgjfK61XqXTUqUNXui_naoqaepPmu8Y2-4vpz1kI-h0yaMecM4bmtP1b747a7eFulZivGU82YGaNlOqxk64GFAFf0csZmHiWy-UEfBzgg/Untitled-2.jpg" rel=WLPP;url=https://egqdxw.blu.livefilestore.com/y1m_gaHEK9AqAsYdu-TnZmVKAHAnfHI1kIFOJvnDGKv_1xsqzgjfK61XqXTUqUNXui_naoqaepPmu8Y2-4vpz1kI-h0yaMecM4bmtP1b747a7eFulZivGU82YGaNlOqxk64GFAFf0csZmHiWy-UEfBzgg/Untitled-2.jpg target=_blank><IMG alt="" src="https://egqdxw.blu.livefilestore.com/y1m_gaHEK9AqAsYdu-TnZmVKAHAnfHI1kIFOJvnDGKv_1xsqzgjfK61XqXTUqUNXui_naoqaepPmu8Y2-4vpz1kI-h0yaMecM4bmtP1b747a7eFulZivGU82YGaNlOqxk64GFAFf0csZmHiWy-UEfBzgg/Untitled-2.jpg"></A><BR> </P><br /><P style="TEXT-ALIGN: left">Next, check the TCP packets, we can check them out in Summary and Graphic as follows:<A href="https://egqdxw.blu.livefilestore.com/y1mQrVNfc5QOFsJwyKaaaCsviEb9UPP0foMT3kScJ0TXuPVprNzBE9arAct3pk3YAcNAN3vWbazdU-WfQhEqdcITx6OlIliI9uoA6ZLaIe_wPNsSnD-8TNS_CuzFWhlNsP7oYwoxg5mrvGaKEac-QDC9A/Untitled-3.jpg" rel=WLPP;url=https://egqdxw.blu.livefilestore.com/y1mQrVNfc5QOFsJwyKaaaCsviEb9UPP0foMT3kScJ0TXuPVprNzBE9arAct3pk3YAcNAN3vWbazdU-WfQhEqdcITx6OlIliI9uoA6ZLaIe_wPNsSnD-8TNS_CuzFWhlNsP7oYwoxg5mrvGaKEac-QDC9A/Untitled-3.jpg target=_blank><IMG alt="" src="https://egqdxw.blu.livefilestore.com/y1mQrVNfc5QOFsJwyKaaaCsviEb9UPP0foMT3kScJ0TXuPVprNzBE9arAct3pk3YAcNAN3vWbazdU-WfQhEqdcITx6OlIliI9uoA6ZLaIe_wPNsSnD-8TNS_CuzFWhlNsP7oYwoxg5mrvGaKEac-QDC9A/Untitled-3.jpg"></A><BR><BR><A href="https://egqdxw.blu.livefilestore.com/y1miEiNMOyeedGUHC8L7rw0tzK3QTK4OsW4B0VL5620i7ZiU0xWIuonh0Uyd2DzA6fVaHWUmI5Ovh7BFlN6TFCsDHOBRX_fbHX116iCvsVKZb2ANtTifjtRyt2YdB9uWx2Kfw4-tjxgJMHx1tbUbCfQ-g/Untitled-4.jpg" rel=WLPP;url=https://egqdxw.blu.livefilestore.com/y1miEiNMOyeedGUHC8L7rw0tzK3QTK4OsW4B0VL5620i7ZiU0xWIuonh0Uyd2DzA6fVaHWUmI5Ovh7BFlN6TFCsDHOBRX_fbHX116iCvsVKZb2ANtTifjtRyt2YdB9uWx2Kfw4-tjxgJMHx1tbUbCfQ-g/Untitled-4.jpg target=_blank><IMG alt="" src="https://egqdxw.blu.livefilestore.com/y1miEiNMOyeedGUHC8L7rw0tzK3QTK4OsW4B0VL5620i7ZiU0xWIuonh0Uyd2DzA6fVaHWUmI5Ovh7BFlN6TFCsDHOBRX_fbHX116iCvsVKZb2ANtTifjtRyt2YdB9uWx2Kfw4-tjxgJMHx1tbUbCfQ-g/Untitled-4.jpg"></A><BR><BR>In the TCP packets information, we found has sent TCP synchronization packet, and the TCP FIN packets and TCP Reset packets are, this is deviant in the network. </P><br /><P style="TEXT-ALIGN: left">Please go to the <A title="Capsa FAQ" href="http://www.colasoft.com/capsa/network_solution.php?prid=00060001" target=_blank>Colasoft Official FAQ page</A> for more "How-tos"</P><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-86904527182276731402009-06-10T02:54:00.000-07:002009-06-10T03:02:22.441-07:00How to Track BitTorrent User in Network with Colasoft Packet Sniffer<strong>BitTorrent Consumes Big Bandwidth</strong><br /><br>Based on the working principle of BitTorrent protocol, if somebody is downloading big files with BitTorrent software, it will be a disaster for other users who need bandwidth for business operations as the user will consume large amount of bandwidth, thus causing long time network slowness, intermittence, even disconnections; because meantime the user downloading files from others, others are downloading files from him.<br /><p><br />So it is necessary for IT administrators to track BitTorrent user at first place to regain network bandwidth for business operations. Blocking BitTorrent protocol can be one way; this article is to discuss how to <a href="http://blog.colasoft.com/how-to-track-bittorrent-user-in-network-with-colasoft-packet-sniffer/" title="how to track BitTorrent user">track BitTorrent user</a> with <a title="colasoft packet sniffer" href="http://www.colasoft.com/capsa/?prid=00060003" target="_blank">Colasoft Packet Sniffer</a>.<br /><p><br /><strong>How to Track BitTorrent User?</strong><br /><p><br /><em>>Step1. <a title="Download Colasoft Packet Sniffer Free Trial" href="http://www.colasoft.com/download/products/capsa.php?prid=00060003" target="_blank">Download a free trial</a> and <a title="implement packet sniffer correct" href="http://www.colasoft.com/support/installation.php?prid=00060003" target="_blank">implement it correctly</a></em><br /><p><br /><em>>Step2. Launch a project and start capturing data</em><br /><p><br /><em>>Step3. Find BitTorrent Protocol in the "Protocols" Tab</em><br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss1.jpg"><img class="size-full wp-image-190" title="Track BitTorrent User Screenshot 1" src="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss1.jpg" alt="Track BitTorrent User Screenshot 1" width="480" height="359" /></a><br /><p><em>>Setp4. Locate BitTorrent Protocol in the "Explorer"</em><br /><br>Use the "Locate" function to locate BitTorrent protocol in the "Explorer" to analyze dedicated data.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss2.jpg"><img class="size-full wp-image-191" title="Track BitTorrent User Screenshot 2" src="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss2.jpg" alt="Track BitTorrent User Screenshot 2" width="480" height="359" /></a><br /><p><br /><em>>Step5. Track BitTorrent User in LAN in the "Endpoint" Tab</em><br /><br>This is the way how to track the BitTorrent user in our network and who are connected with him. There is a lot more we can see from this tab, such as how much data has been downloaded and uploaded via BitTorrent protocol.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss3.jpg"><img class="size-full wp-image-192" title="Track BitTorrent User Screenshot 3" src="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss3.jpg" alt="Track BitTorrent User Screenshot 3" width="480" height="359" /></a><br /><p><br /><strong>View how many connections have been built in "Matrix"</strong><br /><br>You’ll be shocked to see how many connections have been built in the "Matrix" Tab. In this case, we can see this user has built more than 1000 connections with other hosts.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss4.jpg"><img class="size-full wp-image-193" title="Track BitTorrent User Screenshot 4" src="http://blog.colasoft.com/wp-content/uploads/2009/06/track-bittorrent-user-ss4.jpg" alt="Track BitTorrent User Screenshot 4" width="480" height="359" /></a><br /><p><br /><strong>About BitTorrent</strong><br /><br>BitTorrent is a peer-to-peer file sharing protocol used for distributing large amounts of data. BitTorrent is one of the most common protocols for transferring large files.<br /><p><br />The protocol works when a file provider initially makes his/her file (or group of files) available to the network. This is called a seed and allows others, named peers, to connect and download the file. Each peer that downloads a part of the data makes it available to other peers to download. After the file is successfully downloaded by a peer, many continue to make the data available, becoming additional seeds. This distributed nature of BitTorrent leads to a viral spreading of a file throughout peers. As more peers join the swarm, the likelihood of a successful download increases. Relative to standard Internet hosting, this provides a significant reduction in the original distributor's hardware and bandwidth resource costs. It also provides redundancy against system problems and reduces dependence on the original distributor.<br /><p><br /><strong>Next Step</strong><br /><br><a title="Download Colasoft Packet Sniffer Free Trial" href="http://www.colasoft.com/download/products/capsa.php?prid=00060003" target="_blank">>>Download a Free Trial</a><br /><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-34160544459554770642009-06-08T22:26:00.001-07:002009-06-08T22:26:55.174-07:00How to Monitor MSN Chat with Free Unipeek MSN MonitorFor some purposes we want to monitor MSN chat around the network, for example, parents want to monitor MSN chat of their kids to ensure their safety; bosses want to monitor MSN chat of employees for company assets security and to improve work efficiency by minimizing none-business chat during working hours. You may still remember Colasoft MSN Monitor, now it is called <a title="Unipeek MSN Monitor" href="http://www.msn-monitor.com/index.php" target="_blank">Unipeek MSN Monitor</a> and it is distributed <strong>completely Free</strong> for none commercial users.<br /><p><br />Now let’s see how we can <a title="How to Monitor MSN Chat" href="http://blog.colasoft.com/how-to-monitor-msn-chat-with-free-unipeek-msn-monitor/" target="_blank">monitor MSN chat</a> with Unipeek MSN Monitor, the free tool.<br /><p><br /><strong>Step1. Download Unipeek MSN Monitor</strong><br /><p><br /><a title="Download Unipeek MSN Monitor" href="http://www.msn-monitor.com/download_msn_monitor.php" target="_blank">Download Unipeek MSN Monitor</a>, the free edition; from the website. As a matter of fact there is no function difference between Unipeek MSN Monitor the free edition and the commercial edition. The only difference is Unipeek MSN Monitor Free Edition only supports 10 MSN accounts maximum, but quite enough for family users.<br /><p><br /><strong>Step2. Install and Deploy Unipeek MSN Monitor</strong><br /><p><br />The installation is quick and simple, just click “next” all the way to complete the installation. But the deployment is somewhat different. As Unipeek MSN Monitor is designed based on <a title="Colasoft Network Analyzer Software for Windows" href="http://www.colasoft.com/prid=00060003" target="_blank">Colasoft</a>’s packet capturing technology, so it has to be <a title="how to deploy packet sniffer" href="http://www.colasoft.com/support/installation.php?prid=00060003" target="_blank">deployed properly</a> like a packet sniffer if you want to monitor all MSN chat around the network. Of course, you don’t have to do it if you only want to monitor MSN chat of a single computer. To monitor multiple computers, you can install multiple copies.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/monitor-msn-chat-ss1.jpg"><img class="size-full wp-image-179" title="How to Monitor MSN Chat Screenshot 1" src="http://blog.colasoft.com/wp-content/uploads/2009/06/monitor-msn-chat-ss1.jpg" alt="How to Monitor MSN Chat Screenshot 1" width="526" height="376" /></a><br /><p><br /><strong>Setp3. Run it and Start Monitor MSN Chat</strong><br /><p><br />After proper installation and deployment, we can start monitoring MSN chat right away.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/06/monitor-msn-chat-ss2.jpg"><img class="size-full wp-image-180" title="How to Monitor MSN Chat Screenshot 2" src="http://blog.colasoft.com/wp-content/uploads/2009/06/monitor-msn-chat-ss2.jpg" alt="How to Monitor MSN Chat Screenshot 2" width="544" height="408" /></a><br /><p><br /><strong>About Unipeek MSN Monitor</strong><br />Unipeek MSN Monitor (MSN sniffer) is Free MSN monitoring software for MSN chat monitoring and MSN message archiving. Based on Colasoft's packet analysis technology, Unipeek MSN Monitor is able to deliver the most accurate MSN monitoring statistics, and automatically record data for future reference. You need only install Unipeek MSN Monitor once to monitor all MSN chats over the local network.<br /><p><br /><strong>Key Features include:</strong><br /><br>• Real-time and 24/7 MSN chat monitoring<br /><br>• Automatically archive MSN messages for future reference<br /><br>• Export messages of a custom time range<br /><br>• Customize MSN account list to be monitored<br /><br>• Unique Conversation Matrix showing account relations<br /><br>• Support emotion icons, message font size and color.<br /><p><br /><strong>Download Now</strong><br /><br><a title="Download Unipeek MSN Monitor" href="http://www.msn-monitor.com/download_msn_monitor.php" target="_blank">Download Unipeek MSN Monitor</a><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-1343998538880579642009-06-08T22:24:00.000-07:002009-06-08T22:25:59.599-07:00How to Monitor Emails with Colasoft Packet Sniffer<p>Some people may doubt if it is legal to <a href="http://blog.colasoft.com/how-to-monitor-emails-with-colasoft-packet-sniffer/">monitor emails</a> of employees with an email monitor software (aka. email spy or email checker), but this is not the topic of this article. We are going to discuss how we can monitor emails with some technical methods, especially how we can monitor emails with this packet sniffer – Colasoft Capsa.<br /><p><strong>Step 1. Still we need to <a title="download colasoft pakcet sniffer free trial" href="http://www.colasoft.com/download/products/capsa.php?prid=00060001" target="_blank">download a free trial</a> and <a title="how to deploy packet sniffer" href="http://www.colasoft.com/support/installation.php?prid=00060001" target="_blank">deploy it correctly</a>.</strong><br /><p><strong>Step 2. Launch a project</strong><br /><p>If we have not set Capsa to save email logs to a local disk, we’ll not be able to monitor email contents but we can monitor all email logs. So we must set the log settings to save email logs to a local path in order to monitor email contents. Also there will be a notice when start a new project.<br /><p><a href="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss1.jpg"><img class="size-full wp-image-161" title="Monitor Email Screeshot1 " src="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss1.jpg" alt="Monitor Email Screeshot1 " width="326" height="263" /></a><br /><p><strong>Setp3. Set Email Logs Settings</strong><br /><p>View full image to set the email logs setting correctly.<br /><p><a href="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss2.jpg"><img class="size-full wp-image-163" title="Monitor Email Screenshot2 - Click to view Large" src="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss2.jpg" alt="Monitor Email Screenshot2 - Click to view Large" width="376" height="304" /></a><br /><p>Advanced Email logs settings to split email logs and keep the most recent email logs to save disk space.<br /><p><a href="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss3.jpg"><img class="size-full wp-image-166" title="Monitor Email Screeshot3" src="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss3.jpg" alt="Monitor Email Screeshot3" width="412" height="358" /></a><br /><p><strong>Step 4. Start Capturing and Monitoring Emails in “Logs” Tab</strong><br /><p>After email log settings is finished, we can do a test to see if we can get some email monitoring logs. Let’s launch Outlook and start sending and receiving emails. We can see that we’ve received many spam email in my email box. We can see a lot of information in the logs Tab, such as date and time, client name, email subject, sender and receiver name, size, and more.<br /><p><a href="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss4.jpg"><img class="size-full wp-image-158" title="Monitor Emails Screeshot - Click to View Large" src="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss4.jpg" alt="Monitor Emails Screeshot - Click to View Large" width="480" height="360" /></a><br /><p><strong>Step 5. Monitor Email Contents</strong><br /><p>In order to view the original content of an email, the process is quite simple, just double-click on the logs, then Capsa will call an email software to display the email content, basically Outlook.<br /><p><a href="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss5.jpg"><img class="size-full wp-image-169" title="Monitor Email Screeshot5 - Click to View Large" src="http://blog.colasoft.com/wp-content/uploads/2009/05/monitor-email-ss5.jpg" alt="Monitor Email Screeshot5 - Click to View Large" width="500" height="367" /></a><br /><p>Now this is the entire process how we can monitor emails with Colasoft Capsa, we hope you enjoy this article.<br /><p><strong>Next Step</strong><br /><br>>><a title="download colasoft packet sniffer free trial" href="http://www.colasoft.com/download/products/capsa.php?prid=00060001" target="_blank">Download a Free Trial</a><br /><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-92160637196142779522009-05-14T02:54:00.000-07:002009-05-14T03:04:43.135-07:00Ten Reasons Make Packet Sniffers an Essential Network Tool<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.colasoft.com/?prid=03060003"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 320px; height: 231px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpSdJE2AAcYoywY5L8SxKRW8K1YHZOIkxSILEBQZRvxQlWGH8tFgUKK-6UV7PYHKOiGHir5bwpZcthxbMWddxSaVUO9RGibWBOLebJfbn2mzsLE3UOYEVeOhgvCruYWzV9wuU3kg_4cA_u/s320/Colasoft_Capsa___Expert_Packet_Sniffer_14559.gif" alt="colasoft packet sniffer" id="colasoft packet sniffer" border="0" /></a>No matter whether you are network administrators or IT managers, you should not be unfamiliar to the network analysis tool - <a href="http://www.colasoft.com/capsa/?prid=03060003">packet sniffer</a>, also known as a <strong>network analyzer, protocol analyzer or sniffer</strong>) which has been widely used by kinds of organizations, schools, enterprises, government institutions etc.<br /><p>Maybe you are yet supirsed at why more and more enterprises, like IBM, Intel, Epson, Airbus, Ericsson etc, love to deploy packet sniffer to their company's network? OK, take a fresh coffee now, then look at the following problems, and ask yourself, as a <strong>network administrator or IT manager</strong>, if these issues are just what you have met?</p>Rushing from one network problem to another every day?<br />Have no way to judge if your network has been intruded?<br />Helpless collecting convincing information to submit your boss even if you have realized that your network system has been intruded.<br />No idea if current network usage is equal to actual need?<br />Know nothing of how many staffs are not killing their time by chatting with friends, browsing irrelevant webpage etc, but focusing on their job? <br /><p>Yes, every question listed above has puzzled many network administrators, but no worry, packet sniffer can easily help you out with its strong functions, here are <a href="http://topnetworksniffers.blogspot.com/2009/05/ten-reasons-make-network-sniffers.html"> ten reasons make packet sniffers an essential network tools.</a></p><br /><p> * <strong>Analyze network problems<br />* Detect network intrusion attempts<br />* Gain information for effecting a network intrusion<br />* Monitor network usage<br />* Gather and report network statistics<br />* Filter suspect content from <a href="http://blog.colasoft.com/how-to-monitor-internet-traffic-with-colasoft-packet-sniffer/">network traffic</a><br />* Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use)<br />* Reverse engineer proprietary protocols used over the network<br />* Debug client/server communications<br />* Debug network protocol implementations</strong><br /></p><p>Currently, there are dozens of packet sniffers in the market, some are very complex to use like wireshark, you must be versed in networking,; some are designed for common network administrators, such as <a href="http://www.colasoft.com/?prid=03060003">Colasoft Network Analyzer</a>, <strong>all-in-one & easy-to-use</strong>, which are more and more accepted and welcome.</p><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-90523982823305005602009-05-13T22:06:00.000-07:002009-05-13T22:20:34.929-07:00Top 5 Most Welcomed Packet Sniffers<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.colasoft.com/?prid=00060003"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7bMraM2KCMIGGbwdqpPuS3WWHJ0Um8LxRQ1PJiORRNzvuhtVFq1gTr4gBMivt2XqtgTZEh0ZldCDukJpGZPoor7NOq_G5DfdanZY_Y-C2Aak_w6DODyNY7C9ZuAFs57zgZC5GcTgTlIM1/s320/Colasoft+packet+sniffer+Top+5.jpg" alt="Colasoft Network Analyzer" name="Colasoft Network Analyzer" border="0" id="Colasoft Network Analyzer" style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 300px; height: 300px;" /></a>According to the latest statistic from famous download sites regarding to downloads of packet sniffer softwares, the following products are very honored to be listed as top 5 most welcome packet sniffers by network engineers, IT managers, and network administrators etc.<br /><p><strong>#1 Wireshark - A Free Open Source Network Sniffer for Top Network Engineers </strong><br /><br />Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).</p><br /><p><strong>#2 <a href="http://www.colasoft.com/capsa/?prid=00060003">Colasoft Packet Sniffer</a> - All-In-One & Easy-To-Use Network Analyzer and Packet Sniffers Available For Most Network Administrators.</strong><br /><br /><strong>Colasoft Packet Sniffer - Capsa</strong> performs real-time packet capturing, 24/7 network monitoring, advanced protocol analyzing, in-depth packet decoding, and automatic expert diagnosing. It allows you to get a clear view of the complex network, conduct packet level analysis, and troubleshoot network problems.<br /><br />Whether you're a network administrator who needs to identify, diagnose, and solve network problems, a company manager who wants to monitor user activities on the network and ensure that the corporation's communications assets are safe, or a consultant who has to quickly solve network problems for clients, Capsa is the tool you need.</p><br /><p><strong>#3 Tcpdump: The Classic Sniffer For Network Monitoring And Data Acquisition</strong><br /><br />Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with fewer security holes. It also requires fewer system resources. While it doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. TCPDump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap among many other tools.<br /><br /></p><br /><p><strong>#4 Etherdetect : Connection-Oriented Packet Sniffer And Protocol Analyzer</strong><br /><br />EtherDetect Packet Sniffer is an easy for use and award-winning packet sniffer and network protocol analyzer, which provides a connection-oriented view for analyzing packets more effectively. With the handy tool, all you need to do is to set up the filter, start capturing, and view connections, packets as well as data on the fly.</p><br /><p><strong>#5 Ettercap : In Case You Still Thought Switched Lans Provide Much Extra Security</strong><br /><br />Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.</p><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com1tag:blogger.com,1999:blog-8522588641740201139.post-44992175388771552282009-05-11T23:58:00.000-07:002009-05-12T00:27:15.170-07:00How to Find MAC Address with Colasoft MAC Scanner and More<a href="http://blog.colasoft.com/wp-content/uploads/2009/05/colasoft-mac-scanner-screenshot.jpg"><img title="Colasoft MAC Scanner Screenshot" src="http://blog.colasoft.com/wp-content/uploads/2009/05/colasoft-mac-scanner-screenshot.jpg" alt="Colasoft MAC Scanner Screenshot" align="left" height="229" width="289" /></a>In computer networking, a Media Access Control address (<strong>MAC address</strong>) is a <strong>unique</strong> identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification, and used in the Media Access Control protocol sublayer. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number. It may also be known as an Ethernet Hardware Address (EHA), hardware address, adapter address, or physical address.<br /><p><br /></p><p>Since a MAC Address is unique for most network adapters or network interface cards (NICs), it is important for IT administrators to know all the MAC addresses in LAN so as to quickly locate a network device when a network issue arises. Luckily we have tools to help us out. Let’s see how we can easily <a href="http://blog.colasoft.com/how-to-find-mac-address-with-colasoft-mac-scanner-and-more/">find MAC address</a> in LAN with Colasoft MAC Scanner.<br /><br /></p><p>Colasoft MAC Scanner is a <strong>Free</strong> software to find MAC address and IP address. It can automatically detect all subnets according to the IP addresses configured on multiple NICs of a machine and find MAC addresses and IP addresses of defined subnets as your need. Users can custom own scan process by specifying the subsequent threads.<br /><br /></p><p><strong>Step 1. <a title="download Colasoft MAC Scanner" href="http://www.colasoft.com/mac_scanner/?prid=csblog" target="_blank">Download Colasoft MAC Scanner</a></strong><br /><br /></p><p><strong>Step2. Install Colasoft MAC Scanner</strong><br /><br /></p><p>The installation of Colasoft MAC Scanner is quick and easy, it is suggested to install Colasoft MAC Scanner on a laptop as it only scans and finds MAC addresses and IP addresses in the subnet to which the laptop is connected.<br /><br /></p><p><strong>Step3. Start a Scan</strong><br /><br /></p><p>It’s easy and quick, just press the start button, the Colasoft MAC Scanner will scan and find MAC addresses and IP addresses in the subnet and list them out. The results can be “copy and paste” or exported for future reference.<br /><br /></p><p>Now the problem is: if a LAN is divided into several subnets, we’ll have to move the laptop around and scan each subnet in order to find all MAC addresses and IP addresses. Then what’s the solution?<br /><br /></p><p><strong>Find MAC Address and IP Address with <a title="Colasoft Packet Sniffer" href="http://www.colasoft.com/capsa/?prid=csblog" target="_blank">Colasoft Packet Sniffer</a></strong><br /><br /></p><p>Colasoft Packet Sniffer allows us to find MAC addresses and IP addresses both local and remote in the network as long as there is network communication initiated.<br /></p><p style="text-align: center;"><br /><br /></p><div style="text-align: left;"><a href="http://blog.colasoft.com/wp-content/uploads/2009/05/colasoft-packet-sniffer-mac.jpg"><img style="vertical-align: middle;" title="Find MAC Address in Colasoft Packet Sniffer" src="http://blog.colasoft.com/wp-content/uploads/2009/05/colasoft-packet-sniffer-mac.jpg" alt="Find MAC Address in Colasoft Packet Sniffer" align="" height="413" width="470" /></a></div><p><br /><br /></p><p>>>>><a title="Download Colasoft Packet Sniffer" href="http://www.colasoft.com/colasoft.com/download/products/download_capsa.php?prid=csblog" target="_blank">Download Colasoft Packet Sniffer Now</a><br /><br /></p><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-185620568919982592009-05-11T01:49:00.000-07:002009-05-11T02:13:46.953-07:00Find Out the Top Network Administrator Tools<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.colasoft.com/capsa/?prid=00060003"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 320px; height: 213px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmKYstxNuLcHlCN4_0z1QskFM8yBsV9rcspvSAckZofq_kKJxpO4i59ZOlmmqXeeD05atW233cUpdV-OZPCZJp4uORnkjLR4j2cwQZWbF1Y7Ar-9KIQN035MGzzKsBLHpqAX9pBtMtJqH2/s320/colasoft+network+analyzer.jpg" alt="" id="BLOGGER_PHOTO_ID_5333347092092180994" border="0" /></a><strong>Packet Sniffers/Network Protocol Analyzer</strong><br /><p>With packet sniffers and network protocol analyzers, you can monitor network activity, analyze network performance, enhance network security, and troubleshoot network issues.</p><span>1,</span><span style="font-weight: bold;"> <a href="http://www.colasoft.com/capsa/?prid=00060003">Colasoft Packet Sniffer</a> - </span> <a href="http://www.colasoft.com/?prid=00060003">http://www.colasoft.com/</a> Colasoft Capsa performs real-time packet capturing, 24/7 network monitoring, advanced protocol analyzing, in-depth packet decoding, and automatic expert diagnosing. It allows you to get a clear view of the complex network, conduct packet level analysis, and troubleshoot network problems.<br />2, Ethereal – http://www.ethereal.com/<br />3, EtterCap – http://ettercap.sourceforge.net/<br />4, Snort – http://www.snort.org/<br />5, WinDump / TCPDump - http://www.tcpdump.org/wpcap.html/<br />6, DSniff – http://naughty.monkey.org/~dugsong/dsniff/<p><strong>Scanning Tools</strong><br />1, Nmap – http://www.nmap.org/<br />Nmap is a port scanner. A port scanner scans for open ports, such as 80 (http) or 25 (SMTP)<br /></p><p>2, Sam Spade – www.samspade.org/<br />Sam Spade is a multi network query tool with many extra built in utilities, even a tool for spam. It includes utilities such as ping, whois, traceroute, and finger<br /><br />3, NetScanTools Pro ($199) –http://www.netscantools.com/nstmain.html<br />NetScanTools Pro Edition is an integrated collection of internet information gathering utilities for Windows Vista/2008/2003/XP/2000. Use it to research IP addresses, hostnames, domain names, email addresses, URLs automatically** or with manual tools.<br /><br />4, SuperScan – http://www.foundstone.com/<br />SuperScan has the primary purpose of scanning an IP range. It supports extremely fast Host Discovery lookups as well as TCP and UDP port scans thanks to its multi-threaded and asynchronous techniques.</p><p><strong>UserManagement - http://www.tools4ever.com</strong>/<br />Complete user account management featuring advanced user creation, modification, removal, mass creation/removal and delegation of administrative tasks. The UserManagemeNT Suite consists of three modules, Professional, Import and Delegation. These modules can operate independently or seamlessly integrated with each other.</p><p><strong>AdminMagic - http://www.tools4ever.com</strong>/<br />Full control: Using AdminMagic, you can take over and control users' desktops from your own workstation. Featuring complete mouse and keyboard emulation, you can execute programs, login/logoff, modify device drivers and reboot all from a central location. You can also take screenshots of remote desktops and store/print them for later use. Remote users will not be interrupted and can continue working as they always do.<br /><br /><strong>Advanced System Optimizer</strong> - http://www.systweak.com/<br />Advanced System Optimizer is a system tweaking suite that includes around 30 tools to improve and tweak your PC's performance. It offers an attractive and easy to use interface that organizes all tasks into categories and provides graphical statistics whenever possible. The tools include junk file cleaner, memory optimizer, system information, system files backup, file encryption, safe uninstaller, duplicate file finder, taskbar manager and much more. Advanced System Optimizer also includes an Internet tracks eraser with cookie manager and secure deletion, and even a desktop sticky notes application. Overall, a great bundle that offers a wide range of system tools with extra benefits that are hardly ever found.</p><br /><br /><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-72500195431876457392009-05-07T00:08:00.000-07:002009-05-07T00:20:13.705-07:00How Public Key Encryption Can Make Email More Private<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCizvwVMuWEY89DeNJnydchc6hAFzzKw7Yxy_Q3Q1_OxnATT1LsWH6mIKemx-bCJBevxNZC_XPPU0lDQUObSgdqJM7nSHE8ZOdUd0RsqXGySrmSfUI0CqK6Y8lU4_DSguWsraADhxxR-Qd/s1600-h/colasoft+network+sniffer+3.jpg"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 320px; height: 211px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCizvwVMuWEY89DeNJnydchc6hAFzzKw7Yxy_Q3Q1_OxnATT1LsWH6mIKemx-bCJBevxNZC_XPPU0lDQUObSgdqJM7nSHE8ZOdUd0RsqXGySrmSfUI0CqK6Y8lU4_DSguWsraADhxxR-Qd/s320/colasoft+network+sniffer+3.jpg" alt="colasoft packet sniffer" id="BLOGGER_PHOTO_ID_5332971147315512914" border="0" /></a>When you are entering your credit card number, talking with your lover, chatting with your business partners, can you imagine what will happen if everything you are doing is exposing to everybody?<br /><p> Yes, it is unbelievable but it is quite true, hackers can easily obtain your private information like crecit card number, email logs, chat logs etc. by using some network analytic tools, such as <a href="http://www.colasoft.com/capsa/?prid=00060003">Colasoft Packet Sniffer</a>.</p><p><strong>Protect Your Email Secure And Safe<br /></strong><br />So if we are helpless with our private information from being monitored or stolen? Of course not, to keep data sent via email private, you just need to encrypt it, as only unencrypted content can be monitored by network analytic tools like <a href="http://www.colasoft.com/?prid=00060003">Network Analyzer</a>. Only the targeted recipient will be able to decipher the message. </p><p><strong>How to Encrypt Your Message?</strong><br /><br />Public key encryption is a special case of encryption, it operates using a combination of two keys: one is a private key, the other is a public key which together form a pair of keys. The private key is kept secret on your computer since it is used for decryption, the public key, which is used for encryption, is given to anybody who wants to send encrypted mail to you. </p> <p><strong>How Public Key works?</strong><br /><br />When you send public-key encrypted mail, the sender's encryption program uses your public key in combination with the sender's private key to encipher the message. When you receive public-key encrypted mail, you need to decipher it.<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPfRu28sa4hM4VwxKOMGFLLvrgamsrSJtLEfzhddpcWEr5Z7jcVq3AQHhZw5w_Luq9e49olu1r5vSDGcy52dbIcfivQYcR0T3asIBt63aTYGfwkk4v3a2Ru5vbNc0Y-Amfh5AvkBRv5LSx/s1600-h/colasoft+network+sniffer+2.jpg"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer; width: 234px; height: 320px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPfRu28sa4hM4VwxKOMGFLLvrgamsrSJtLEfzhddpcWEr5Z7jcVq3AQHhZw5w_Luq9e49olu1r5vSDGcy52dbIcfivQYcR0T3asIBt63aTYGfwkk4v3a2Ru5vbNc0Y-Amfh5AvkBRv5LSx/s320/colasoft+network+sniffer+2.jpg" alt="colasoft packet sniffer" id="BLOGGER_PHOTO_ID_5332969008223125266" border="0" /></a><br />Decryption of a message enciphered with a public key can only be done with the matching private key. This is why the two keys form a pair, and it is also why it is so important to keep the private key safe and to make sure it never gets into the wrong hands (or in any hands other than yours). </p> <p><strong>Why the Integrity of the Public Key is Essential</strong><br /><br />Another crucial point with public key encryption is the distribution of the public key.<br />Public key encryption is only safe and secure if the sender of an enciphered message can be sure that the public key used for encryption belongs to the recipient.<br />A third party can produce a public key with the recipient's name and give it to the sender, who uses the key to send important information in encrypted form. The enciphered message is intercepted by the third party, and since it was produced using their public key they have no problem deciphering it with their private key.<br />This is why it is mandatory that a public key is either given to you personally or authorized by a certificate authority. </p><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-20672527481407617402009-05-06T02:56:00.000-07:002009-05-06T03:02:09.380-07:00Monitor Your Network Traffic with Colasoft Packet Sniffer<strong>Importance of Network Monitoring</strong><br /><p>Reading network traffic is essential for system administrators, network engineers, and security analysts. At some point there will be a need to read the network traffic directly instead of monitoring application level details. Examples of situations that might require monitoring network traffic are, auditing network security, debugging network configurations, and analyzing usage patterns. For this task we use network monitoring software, or packet sniffers, that sniff the traffic your computer is able to see on the network. What exactly your computer can see really depends on how the network is laid out, but the easiest way to figure out what it can see is just start sniffing.<br /><br />The most common tool to do the job is readily available. One of the most popular and easy – to - use tool for monitoring network traffic is <a href="http://www.colasoft.com/?prid=00060003">Colasoft Packet Sniffer</a>.</p><br /><strong>How to Monitor Network Traffic </strong><br /><p>As a packet sniffer, <a href="http://www.colasoft.com/capsa/?prid=00060003">Capsa</a> make it easy for us to monitor and analyze network traffic in its intuitive and information-rich tab views. With Capsa's network traffic monitor feature, we can quickly identify network bottleneck and detect network abnormities. This article is to discuss how we can Monitor Network Traffic with Capsa's network traffic monitor feature.</p><br /> <strong>1, Monitor Network Traffic in "Summary" </strong><br /> <strong>tab </strong><br /> <p>"Summary" is a view that provides general information of the entire network or the selected node in the "Explorer". In "Summary" we can get a quick view of the total traffic, real-time traffic, broadcast traffic, multicast traffic and so on. When we switch among the node from the explorer, corresponding traffic information will be provided.</p> <p><img src="http://www.colasoft.com/images/screenshots/monitor_network_traffic6.gif" alt="Monitor Network Traffic in Summary" height="481" width="574" /><br /></p><p>(pic 1. monitor-network-traffic-in-summary)<br /></p> <br /><strong>2, Monitor Network Traffic in "Endpoints" tab</strong><br /> <p>In "Endpoints" view, we can Monitor Network Traffic information of each node, both local and remote. With its easy sorting feature we can easily find out which host is generating or has generated the largest traffic.</p> <p><img src="http://www.colasoft.com/images/screenshots/monitor_network_traffic1.gif" alt="Monitor Network Traffic in Endpoints" height="481" width="574" /></p> <p>(pic 2. monitor-network-traffic-in-endpoints)</p> <br /> <strong>3, Monitor Network Traffic in "Protocols" tab</strong><br /> <p>"Protocols" view will list all protocols applied in network transmission. In "Protocols" view we can Monitor Network Traffic by each protocol. By analyzing network traffic by protocol, we can understand what applications are using the network bandwidth, for example "http" protocol stands for website browsing, "pop3" stands for email, etc.</p> <p><img src="http://www.colasoft.com/images/screenshots/monitor_network_traffic2.gif" alt="Monitor Network Traffic by Protocol" height="481" width="574" /></p> <p>(pic 3. monitor-network-traffic-by-protocol)</p> <br /> <strong>4, Monitor Network Traffic in "Conversations" tab</strong><br /> <p>In "Conversations" tab we can Monitor Network Traffic by each conversation and the figure out which conversation has generated the largest network traffic.</p> <p><img src="http://www.colasoft.com/images/screenshots/monitor_network_traffic3.gif" alt="Monitor Network Traffic by Conversation" height="481" width="575" /></p> <p>(pic 4. monitor-network-traffic-by-conversation)</p> <br /> <strong>5, Monitor Network Traffic in "Matrix" tab</strong><br /> <p>"Matrix" is a view that visualizes all network connections and traffic details in one single graph. The weight of the lines between the nodes indicates the traffic volume and the color indicates the status. As we move the cursor on a specific node, network traffic details of the node will be provided.</p> <p><img src="http://www.colasoft.com/images/screenshots/monitor_network_traffic4.gif" alt="Monitor Network Traffic In Matrix" height="481" width="574" /></p>(pic 5. monitor-network-traffic-in-Matrix)<br /> <strong><br />6,Monitor Network Traffic in "Graphs" tab</strong><br /> <p>If we want to get a trend chart of the network traffic, then we need to use the "Graphs" tab. "Graphs" view allows us view network statistics dynamically in different chart types, such as ling chart, bar chart, and pie chart. By selecting "Utilization" we get a real-time traffic trend chart.</p> <p><img src="http://www.colasoft.com/images/screenshots/monitor_network_traffic5.gif" alt="Monitor Network Traffic in Graphs" height="481" width="574" /></p>(pic 6. monitor-network-traffic-in-graphs)<br /> <p>As we can see, with <a href="http://www.colasoft.com/download/?prid=00060003">Capsa</a> we can not only Monitor Network Traffic in convenience, but also analyze network traffic in deferent levels, thus enables us quickly and efficiently detect network abnormities and troubleshoot network problems. </p><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-3301284275202985202009-05-04T23:28:00.000-07:002009-05-04T23:38:36.157-07:00Kismet, an 802.11 Layer2 Wireless Network Detector and Packet Sniffer<div style="text-align: left;"><a href="http://packetsniffer.blog.com/files/2009/05/kismet1.png"><img title="Kismet Screeshot" src="http://packetsniffer.blog.com/files/2009/05/kismet1-300x210.png" alt="Kismet Screeshot" align="right" height="210" width="300" /></a><strong>What is Kismet</strong><br /></div><p>Kismet is an 802.11 layer2 wireless network detector, <a title="Colasoft packet sniffer" href="http://www.colasoft.com/capsa/?prid=00060001" target="_blank">packet sniffer</a>, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, 802.11n, and 802.11g traffic (devices and drivers permitting). Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of non-beaconing networks via data traffic.<br /><br /><strong>Feature Overview</strong><br /><br />Kismet has many features useful in different situations for monitoring wireless networks:<br /><br />- Ethereal/Tcpdump compatible data logging<br />- Airsnort compatible weak-iv packet logging<br />- Network IP range detection<br />- Built-in channel hopping and multicard split channel hopping<br />- Hidden network SSID decloaking<br />- Graphical mapping of networks<br />- Client/Server architecture allows multiple clients to view a single Kismet server simultaneously<br />- Manufacturer and model identification of access points and clients<br />- Detection of known default access point configurations<br />- Runtime decoding of WEP packets for known networks<br />- Named pipe output for integration with other tools, such as a layer3 IDS like Snort<br />- Multiplexing of multiple simultaneous capture sources on a single Kismet instance<br />- Distributed remote drone sniffing<br />- XML output<br /><br /><strong>Typical Uses</strong><br /><br />Common applications Kismet is useful for:<br /><br />- Wardriving: Mobile detection of wireless networks, logging and mapping of network location, WEP, etc.<br />- Site survey: Monitoring and graphing signal strength and location.<br />- Distributed IDS: Multiple Remote Drone sniffers distributed throughout an installation monitored by a single server, possibly combined with a layer3 IDS like Snort.<br />- Rogue AP Detection: Stationary or mobile sniffers to enforce site policy against rogue access points.<br /><br /><strong>Download</strong><br /><br />Kismet can be downloaded <a title="Kismet download" href="http://www.kismetwireless.net/download.shtml" target="_blank">here</a><br /><br /><!-- AddThis Button for Post BEGIN --><br /></p><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-74471738376026830072009-04-27T22:45:00.000-07:002009-04-27T22:50:35.387-07:00How to Monitor Internet Traffic with Packet SnifferInternet traffic is the flow of data around the Internet. It includes web traffic, which is the amount of that data that is related to the World Wide Web, along with the traffic from other major uses of the Internet, such as electronic mail and peer-to-peer networks.<br /><p><br />In case we want to <strong>monitor internet traffic</strong> generated or is generating in LAN, here is a detailed process how we can do it with <a title="Colasoft Packet Sniffer Software" href="http://www.colasoft.com/?prid=00060001" target="_blank">Colasoft Packet Sniffer</a> – Capsa.<br /><p><br />Again we must make sure the packet sniffer software is correctly implemented so we can capture all the traffic in LAN, if you don’t know how to do it, please make sure you read <a title="How to Implement a Packet Sniffer" href="http://www.colasoft.com//support/installation.php?prid=00060001" target="_blank">how to implement a packet sniffer</a>.<br /><p><br />First let’s launch a new project with Colasoft Packet Sniffer, then do some online activities, such as chatting, browsing a website, sending and receiving emails, downloading some files. All these activities will generate different kinds of internet traffic. We may keep the project running to continuously <a title="How to Monitor Internet Traffic with Colasoft Packet Sniffer" href="http://blog.colasoft.com/how-to-monitor-internet-traffic-with-colasoft-packet-sniffer/" target="_self">monitor internet traffic</a> or stop the project to do some analysis.<br /><p><br />To monitor internet traffic, we’d better first select the “Internet Addresses” in the “Explorer” on the left window:<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-internet-traffic-ss1.jpg"><img class="size-full wp-image-78" title="Monitor Internet Traffic Screenshot1" src="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-internet-traffic-ss1.jpg" alt="Monitor Internet Traffic Screenshot1" width="485" height="375" /></a><br /><p><br />We can see that all the internet addresses are listed by countries, to monitor internet traffic of a specific country, we just need click on it; If we want to monitor internet traffic of a specific IP address within one country, we need to expand the country node and select the IP address in it.<br /><p><br />Also we can monitor internet traffic aggregated or internet traffic in real-time<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-internet-traffic-ss2.jpg"><img class="size-full wp-image-79" title="Monitor Internet Traffic Screenshot2" src="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-internet-traffic-ss2.jpg" alt="Monitor Internet Traffic Screenshot2" width="463" height="350" /></a><br /><p><br />To view what online activities have generated or are generating internet traffic, we need to use the “Protocols” Tab.<br /><p><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-internet-traffic-ss3.jpg"><img class="size-full wp-image-80" title="Monitor Internet Traffic Screenshot1" src="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-internet-traffic-ss3.jpg" alt="Monitor Internet Traffic Screenshot1" width="506" height="364" /></a><br /><p><br />We can see there are protocols which separately stand for different internet activities:<br /><p><br />HTTP – Website browsing<br><br />MSN – online chatting with Live Messenger<br><br />POP3 – Email<br><br />HTTPS - Website browsing via a secure link<br><br />QQ- online chatting with QQ<br><br />DNS – Domain Name System<br /><p><br /><strong>About Capsa</strong><br /><p><br />Colasoft Capsa is a network analyzer (packet sniffer or protocol analyzer) designed for network monitoring and troubleshooting. It performs packet capturing, network monitoring, protocol analyzing, packet decoding, and automatic diagnosing. By giving users insights into all of network's operations, Capsa makes it easy to isolate and solve network problems, identify network bottleneck and bandwidth use, and detect network vulnerabilities. Learn more about Capsa, please visit <a href="http://www.colasoft.com/capsa/?prid=00060001">http://www.colasoft.com/capsa/</a><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-84187209006858241722009-04-23T00:55:00.000-07:002009-04-23T01:01:38.566-07:00What Can Hackers Do with a Packet Sniffer<h2>What Can Hackers Do with a Packet Sniffer?</h2><b>A <a href="http://www.colasoft.com/capsa/?prid=00060003">packet sniffer</a> in the wrong hands is a deadly weapon. A packet sniffer is a real danger because it is</b><b> a very powerful and difficult to detect tool</b><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.colasoft.com/capsa/?prid=00060003"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 300px; height: 300px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfGUGGnEllczWmUhrIe3ocHUeAcZ7pYcYWalcE8mHIWZWrLEtQcsQ3p2NtZSPuqt1O2Qxa8_mjsFkDvkdh4gl4Jx6XoSYDeTyJTqwMCFVs1uxa3qYyprGYSHpsMHGDDgLQORLL6hX2-HdW/s320/hacker.gif" alt="colasoft packet sniffer" id="BLOGGER_PHOTO_ID_5327759129283239234" border="0" /></a><br />Security breaches of all kinds are reported all the time. Everyday we hear of hackers who managed to steal sensitive data, of people who become victims of identity theft, etc. Very often the breaches are so incredible that you wonder if hackers have supernatural powers. Well, hackers hardly have supernatural powers but they don't need them –supernatural powers are not necessary when a networklacks security and one has the right tools to break in.<br /><h2>Hackers Can Monitor Networks With a Packet Sniffer</h2><strong>The tools hackers use to break into networks are more or les</strong><strong>s the same tools network admins use to monitor and maintain their network with</strong>. For example, packet sniffers are among the tools hackers love most. A packet sniffer captures packets and shows you their contents.This means that with the help of a packet sniffer running somewhere into the network, hackers can monitor all the unencrypted traffic to and from this network.<br /><p>This is really scary – just imagine a malicious hacker who knows all the secrets of your company. It gets even more dangerous for networks, where hubs (and not switches) are used because in this case a packet sniffer can be installed on any computer and the hacker will monitor all the traffic in that segment, not only the traffic to and from the host. The good news is that hubs are almost out of use today and because of that hackers can do less damage with a packet sniffer. </p><h2>Hackers Can Obtain Passwords and Credit Card Numbers With a Packet Sniffer</h2>When a hacker uses a packet sniffer to monitor your network, this is not nice but when he or she steals passwords, credit card numbers and other types of sensitive data, this is a real danger. Unencrypted passwords, credit card numbers and other sensitive data are an easy target for a hacker with a packet sniffer.<br /><p>In many of the cases of mass theft of credit card numbers and passwords happen because hackers use a packet sniffer on an unencrypted network. For truth's sake, it is important to mention that even if all the traffic is encrypted, there are still many other ways to obtain sensitive data. But when the traffic over a network is not encrypted and nobody monitors the network for unauthorized packet sniffers, sooner or later data will be stolen.<br /></p><p>One of the greatest achievements for hackers with a packet sniffer is to capture the administrator's password. When the administrator's password is transmitted over the network in an unencrypted form, this is an easy target for hackers. If hackers manage to intercept the admin password, they have the power to do everything they want to on your network – delete data, modify data, etc. So, do you see why hackers don't need supernatural powers but only the admin password?</p><br /><P><br /><br /><b>About Colasoft</b><br><br />Ever since 2001, Colasoft has been an innovative provider of all-in-one and easy-to-use <a href="http://www.colasoft.com/?prid=00060003">network analyzer software</a> for network administrators and IT managers to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Up to now, more than 5000 customers in over 70 countries trust the flagship product – Capsa as their network monitoring and troubleshooting solution. Colasoft also offers four <b>free network utilities</b>: Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more about Colasoft and its solutions, please visit http://www.colasoft.com/.<br /><br /><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-18677684682459420102009-04-23T00:12:00.000-07:002009-04-23T20:28:05.769-07:00How to Monitor http Traffic with Packet SnifferHypertext Transfer Protocol (<strong>HTTP</strong>) is an application-level protocol for distributed, collaborative, hypermedia information systems. Its use for retrieving inter-linked resources led to the establishment of the World Wide Web.<br /><P><br />In order to <strong>monitor http traffic</strong>, we will need a packet sniffer (or a protocol analyzer) software. Here is a detail process how we can <a href="http://blog.colasoft.com/how-to-monitor-http-traffic-with-packet-sniffer/?prid=00060001">monitor http traffic</a> in LAN with <a title="Colasoft Packet Sniffer Software" href="http://www.colasoft.com/capsa/?prid=00060001" target="_blank">Colasoft Packet Sniffer</a> – Capsa.<br /><P><br />Again let’s launch Colasoft Packet Sniffer and start a new project. Don’t forget one thing, we have to deploy the packet sniffer to the mirror port of the core switch in order to monitor all http traffic in LAN, if not, we can only monitor http traffic of our own computer.<br /><P><br />Then let’s start browsing a website, for example, www.colasoft.com, to generate some http traffic. Now let’s get back to the packet sniffer and see if there is http traffic. OK, we can see the packet sniffer has already captured some http traffic in the “<strong>Protocols</strong>” Tab<br /><P><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic1.jpg"><img class="size-full wp-image-69" title="monitor-http-traffic1" src="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic1.jpg" alt="Monitor http Traffic Screenshot 1" width="544" height="405" /></a><br /><P><br />We can see both the <strong>aggregated http traffic</strong> since start capturing and the <strong>real-time http traffic</strong> in this tab.<br /><P><br />If we want to do a deeper analysis on http traffic, we will need to use the “<strong>Locate</strong>” function to locate http protocol in the Explorer to let the packet sniffer display only the data that is http protocol. Right click on the protocol and select “Locate Explorer Node” in the pop-up menu.<br /><P><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic2.jpg"><img class="size-full wp-image-70" title="Monitor Http Traffic Screenshot 2" src="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic2.jpg" alt="Locate Explorer Node" width="221" height="292" /></a><br /><P><br />If we want to know who are using http protocol and what they are actually browsing, we are going to use two tabs, the “Endpoints” Tab and “Logs” Tab.<br /><P><br />Let’s see who are using http protocol:<br /><P><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic3.jpg"><img class="size-full wp-image-71" title="Monitor http Traffic Screenshot 3" src="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic3.jpg" alt="Who is Using http Protocol" width="544" height="408" /></a><br /><P><br />And what they are actually browsing:<br /><P><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic4.jpg"><img class="size-full wp-image-72" title="Monitor http Traffic Screenshot 4" src="http://blog.colasoft.com/wp-content/uploads/2009/04/monitor-http-traffic4.jpg" alt="Monitor http Traffic Screenshot 4" width="544" height="408" /></a><br /><br /><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-47927521300409519592009-04-22T00:43:00.000-07:002009-04-22T00:49:08.852-07:005 Things IT Department had to skip in Recession<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_YCTzxn2XvqGwtKNP84qPlrU20MU_5IoeFbZmYCVdYk4o0YXBZ5ezKSxnf2dFQH0E-cFxryh1kT2DEaOE9hKFe1glKXusdXnOIcVnmIPN8UdT0wZ7yZC7Ao0ft1m5PRu_MzDQyWTuynx6/s1600-h/colasoft+network+sniffer.jpg"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 227px; height: 320px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_YCTzxn2XvqGwtKNP84qPlrU20MU_5IoeFbZmYCVdYk4o0YXBZ5ezKSxnf2dFQH0E-cFxryh1kT2DEaOE9hKFe1glKXusdXnOIcVnmIPN8UdT0wZ7yZC7Ao0ft1m5PRu_MzDQyWTuynx6/s320/colasoft+network+sniffer.jpg" alt="" id="BLOGGER_PHOTO_ID_5327352183922127714" border="0" /></a>In last blog, we have talked about the <a href="http://snifferclub.blogspot.com/2009/04/top-5-items-it-department-must-do.html">5 items IT department must do</a> even in the big recession, in addition to the things we can't do without, there are many more things we had to skip. We are not exactly happy to stop doing these things but desperate times cry for desperate measures and since these activities are something we can do without we had to either quit them, or drastically reduce them:<ul><li><p><span style="font-weight: bold;">No purchases of new hardware</span>. Though it is not precise to say that we haven't bought a single piece of hardware in the last year, we have definitely cut hardware spendings. For the time being we do not plan to make major hardware purchases. </p> </li><li><p><span style="font-weight: bold;">Capital expenditures.</span> Capital expenditures are another budget item we had to drastically shrink. We had schedules projects but the current economic situation made us have second thoughts and now capital expenditures are on hold. </p> </li><li><p><span style="font-weight: bold;">Software that is nice to have but we can do without it</span>. Similarly to hardware and capital expenditures, some major software expenses had to be cut. Yes, there are many products, for instance accounting, HR, or ERP modules, which are great to have but we'll go for them when the economic outlook is less gloomy. </p> </li><li><p><span style="font-weight: bold;">Standardization</span>. You know that IT people generally hate when they have to deal with bureaucracy and standardization, so if there is an item, we are happy to skip, this is standardization. More or less we skipped all standardization-related activities except those, that are related to regulations compliance. Standardization is put on hold, especially if it requires investment or other resources. </p> </li><li><p><span style="font-weight: bold;">No infrastructure upgrades</span>. We are not exactly happy about this one but since there are more important items we can't skip, we had to significantly reduce the planned network upgrades. Some of the projects in this area are put on hold, while others are canceled. </p> </li></ul> <p>It wasn't easy to decide what to skip and what to keep but when times are tough, it is not possible to pretend that everything is OK and go on as planned. We hope that we are right in our choices and time will show if we did wise choices or not. </p><p>James Ackland is Author of this article from <a href="http://www.colasoft.com/?prid=00060003">www.Colasoft.com</a>.<br /><br />About Colasoft Co., Ltd.<br />Ever since 2001, Colasoft has been dedicated in providing all-in-one and easy-to-use packet sniffer software for network administrators and IT managers to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Up to now, more than 5000 customers in over 70 countries trust the flagship product – <a href="http://www.colasoft.com/capsa/?prid=00060003">Colasoft Packet Sniffer</a> as their network monitoring and troubleshooting solution. Colasoft also offers four<span style="font-weight: bold;"> free network utilities:</span> Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more about Colasoft and its solutions, please visit <a href="http://www.colasoft.com/?prid=00060003">http://www.colasoft.com/</a>.</p><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-20993602676773334572009-04-19T20:13:00.000-07:002009-04-19T23:24:28.895-07:00Top 5 Items IT Department Must DoEven though it is a basic economic fact that recessions happen once or twice in a decade, when the economy is in a good shape, like it was a couple of years ago, people, including IT managers, tend to forget that the summer will be over and hard times will come soon. On the other hand, recessions might be bad but the current one is certainly worse than many of the ones before. Actually, this is the worst recession since the Great Depression in the 1930s and even the most optimistically-minded managers have really serious reasons to fear and be cautious.<br /><p>We can't say that the recession took us by surprise but certainly we didn't expect it to be that fierce. However, recession or no recession, life must go on and if a company wants to make it, there are many things which can't be skipped. So, no matter that IT budgets are tight, there are items a company can't save on. <strong>Here are the top 5 items our IT department will not sacrifice:</strong><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.colasoft.com/capsa/?prid=00060003"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 320px; height: 234px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZHEhCNm5bypzl3v99GB1NDMIHxrPsbAlHW4-ubaogo_haYbCj4A7ourrXxdx0-F3tJgnEtLDFCo-1lYGNJeNkM28tQ2B1tBra4aMH6TmsDnFSBB2AKgc1bP8baYy-WIoa6s8bJ6zxv7SM/s320/shangwu2_372.jpg" alt="" id="BLOGGER_PHOTO_ID_5326595350903762738" border="0" /></a><br /><br />1, <strong>Network security and security in general</strong>. Being in the network security business themselves, we know that network security and security in general is paramount and no matter how hard the economic situation might be, this is not an item to save on because the price is too high. Certainly, we are not buying the most expensive solutions, even though they are incredibly great but we also do not make compromises with the quality either.<br /><br />2, <strong>Going green. Going green is also an item we can't skip.</strong> Green technology saves money and now this benefit is more important than ever. So, if we buy new IT stuff, we definitely go for the green items.<br /><br />3, <strong>Compliance.</strong> Regulations compliance is another item we can't afford to skip, unless we really want to go out of business (and we don't). So, when there are steps in this direction to be taken, we do them – no way!<br /><br />4, <strong>Training.</strong> Training is also important and even though our training budget has shrunk, we still try to keep our staff qualified.<br /><br />5, <strong>Outsourcing.</strong> Outsourcing has been a successful strategy for our company at all times and now, when money issues start to surface, we are happy that outsourcing helps us cut cost with no sacrifice of quality.</p><br /><span style="font-size:85%;">Kevin Chou is Author of this article from <a href="http://www.colasoft.com/?prid=00060003">www.Colasoft.com</a>.<br /></span><p><span style="font-size:85%;">About Colasoft Co., Ltd.<br />Ever since 2001, Colasoft has been dedicated in providing all-in-one and easy-to-use Packet Sniffer software for network administrators and IT managers to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Up to now, more than 5000 customers in over 70 countries trust the flagship product – <a href="http://www.colasoft.com/capsa/?prid=00060003">Colasoft </a></span><a href="http://www.colasoft.com/capsa/?prid=00060003"><span style="font-size:85%;"></span></a><span style="font-size:85%;"><a>Packet Sniffe</a>r</span><span style="font-size:85%;"> as their network monitoring and troubleshooting solution. Colasoft also offers four free network utilities: Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more about Colasoft and its solutions, please visit <a href="http://www.colasoft.com/?prid=00060003">http://www.colasoft.com/</a>.</span></p><span style="font-size:100%;"><br /></span><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-13323434783367956092009-04-16T23:34:00.000-07:002009-04-22T02:38:10.020-07:00Analyze Protocols With Packet Sniffer<b><strong>What is Network Protocol?</strong></b><br />A Protocol can be defined as rules governing the syntax, semantics and synchronization of communication.<br />In computing, A Protocol is a convention or standard that controls or enables the connection, communication and data transfer between two computing endpoints.<br />Protocols may be implemented by Hardware, Software or a Combination of two. At the lowest level, a protocol defines the behaviour of a hardware connection.<p></p><b>Why Protocol Analyzing Important?</b><br />Since all network communications are based on protocols and different protocols indicates varieties of network behaviours, by analyzing protocols using a Packet Sniffer, we get to know what network applications are used on the network and what network behaviour is taken against your network. You may check out our protocols database to get an explanation of each protocol.<p></p><br /><b><strong> Analyze Protocols With Packet Sniffer</strong></b><br />A <strong><a href="http://www.colasoft.com/capsa/?prid=03060003">Packet Sniffer</a></strong> is an important part of the <strong>Network Manager's toolkit</strong>. Traditionally sniffers are useful for troubleshooting networks and SNMP tools are better for trending and service management. The combination of an SNMP based Performance Manager and a well-featured <strong>Packet Sniffer</strong> will allow you to perform many of the fundamental tasks required for successful network management.<br /><br />Packet Sniffers, often called "packet sniffers" after Network Associates market leading Sniffer product, capture packets and decode them into their component parts. It's fairly obvious how sniffers can be used to troubleshooting network problems. Once a problem is detected packets are captured and analyzed and the details of the communication can be worked out. But sniffers can do more than this and, in fact, turn out to be surprisingly useful in many aspects of network management.<br /><br /><strong>Unexpected Traffic </strong><br />The obvious thing to do is monitor the network for unexpected traffic. Most network managers know the types of application that they expect to see and can point out anything unusual. If anything unexpected is spotted then a capture of some of the traffic is usually sufficient to pinpoint the machines involved.<br /><br /><strong>Unnecessary Traffic </strong><br />Many machines to be set by default to run protocols that may not be required.<br />For Example: Many printers broadcast using Novell's IPX protocol. It is fine if you are using NetWare, but not always necessary. It's good housekeeping to remove any protocols that you do not need. You may be concerned about how your users are using the available bandwidth. A good sniffer will allow you to filter specific types of traffic, so that you can keep an eye on any traffic that may cause you a problem.<br /><br /><strong>Unauthorized Program Use </strong><br />It is useful to check the specific port numbers for services on your Servers. Most common services operate on defined port numbers, a packet capture on a Server will soon reveal what services are running. You can disable any services that you do not need. This has two benefits, one, it avoids unnecessary traffic on the network, and second it means that no unauthorized user can take advantage of that service. If anyone is using a service a packet capture will show you the address. Most sniffers allow filtering on specified port numbers so it is possible to monitor continuously for specified port numbers.<br /><br /><strong>Email Problems </strong><br />Email systems typically use standard port numbers, 25 for SMTP, 143 for IMAP, 110 for POP3. Setting filters for these ports will usually help to discover the cause of problems with email.<br /><br /><strong>Virus Detection and Control </strong><br />Antivirus software manufacturers offer updates services. Armed with the information on new threats it is often possible to build suitable filters to detect viruses. For example many sniffers allow you to specify a text pattern, so a virus contained in a message containing a known text string could be detected. Analysis of the capture will show the source and destination of the packets.<br /><br /><strong>Firewalls </strong><br />Firewalls need to be checked for outgoing and incoming traffic. You will have to define a set of filters for traffic in both directions. Should the firewall begin to let unauthorized traffic through you need to be able to detect it.<p></p><br /><br /><b><strong>For Example: </strong></b><br /><strong>TCP</strong> is a Reliable connection oriented Protocol. Common Applications of TCP are Email and File Transfer. TCP is optimized for accurate delivery rather than timely delivery, and therefore, TCP sometimes incurs relatively long delays (in the order of seconds) while waiting for out-of-order messages or retransmissions of lost messages. So TCP analysis is required with Colasoft Packet Sniffer for finding delays.<br /><strong>UDP</strong> is a Reliable Connectionless Protocol. Common Applications of UDP are DNS, VOIP, IPTV and FTP.Sometimes Packet loss will happen during transmission and no help for this. Using Colasoft Packet Sniffer we can find the loss<br /><strong>HTTP</strong> is a request/response standard of a client and a server. A client is the end-user; the server is the web site. The client making a HTTP request—using a web browser, spider or other end-user tool—is referred to as the <em>user agent. </em>The responding server—which stores or creates <em>resources</em> such as HTML files and images—is called the <em>origin server</em>. Certain design features of HTTP interact badly with TCP, causing problems with performance and with server scalability. Latency problems are caused by opening a single connection per request, through connection setup and slow-start costs. Scalability problems are caused by TCP requiring a server to maintain state for all recently closed connections. Colasoft Packet Sniffer is used to detection such problems.<p></p><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-45790733534971704222009-04-16T20:13:00.000-07:002009-04-22T02:38:39.106-07:00How to Protect Your Network with Packet Sniffer<b>A packet sniffer (also called a <a href="http://www.colasoft.com/?prid=00060003">network analyzer</a>) can help you make your network more secure by identifying what's going on in it</b> <p>Networks are large entities, even if they don't consist of thousands of machines. Large networks are especially vulnerable because they are a fruitful ground for attacks and hacking of all kinds. Even if a system administrator is a genius, he or she can't fight network security threats with bare hands. </p> <h2>Why Do You Need to Protect Your Network?</h2> <p>One of the major principles in network security is that a network is as secure as its weakest part is. In other words, it makes no sense to invest tons of money and spend many hours to secure some of the parts of a network, when there are small vulnerabilities that can be easily abused. </p> <p>With networks small vulnerabilities are very common and even though one can never be sure that his or her network is secure, when no efforts in that direction are made, it is as sure as hell that this network is at risk. That is why it is absolutely clear that nobody can afford to leave a network unprotected. Fortunately, there are many tools, which help to protect a network and packet sniffers are one of them. </p> <h2>How a Packet Sniffer Can Protect Your Network?</h2> <p>Packet sniffers (or network analyzers, as they are also called) can be one of the best tools you can use to protect your network. There are many types of network threats and there is no universal tool that can help you protect your network against all of them, so if you expect that a packet sniffer can safeguard your network against all kinds of threats, this is not so but it is a fact that a packet sniffer can help you against many threats, both internal and external. </p><p><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.colasoft.com/capsa/?prid=03060003"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer; width: 400px; height: 326px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyT4Zf-hQVfDKyfc8uOoFi-6oR48Ydr313DbqPWjB-zX2odAhK9ocdFTX3zujlWOwu0n9HV-X_y5qkTqPZX5beaYujQpDzoDUqG1SJqUZDOHhniM-E6Qs4bDGAFsiMr7_5TT3lxwSmA5x7/s400/colasoft-network-sniffer-ss2.gif" alt="colasoft packet sniffer" id="BLOGGER_PHOTO_ID_5325487260717218994" border="0" /></a></p> <p>A packet sniffer captures all the packets which go to and from your network and shows you their contents. While a packet sniffer is helpless against encrypted traffic, with unencrypted traffic a packet sniffer is an indispensable tool. When you have the chance to know what's going on in your network, you can easily spot the activities, which shouldn't be taking place.</p><p><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.colasoft.com/products/?prid=03060003"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer; width: 400px; height: 326px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiO-sDceKLenS7ss9xrJCXQSM3gBSfjt9IiPWdpsjsI7miqerOmQcXA8Jz2ziu5hNexK6yG50RO9QyQHbQmswYkMlNpNYW3z2HrFLBc24uIhLlJE9Wfh7ej_jN4BxrirnOf3xytF8q_sKCu/s400/colasoft-network-sniffer-ss1.gif" alt="colasoft packet sniffer" id="BLOGGER_PHOTO_ID_5325486609894366754" border="0" /></a></p> <p>For instance, if somebody is downloading files with BitTorrent, or is generating any other kind of substantial traffic, a packet sniffer, such as <a href="http://www.colasoft.com/capsa/?prid=00060003">Colasoft Packet Sniffer</a>, will display this immediately and you will know that you should take the adequate measures to stop it. Actually, a packet sniffer allows to monitor all incoming and outgoing traffic and keep logs of this, so even if you don't react immediately when suspicious traffic occurs, all the traffic is logged and you can view it later.</p> <p>Depending on the features of the packet sniffer you have selected, you will have different options to protect your network. Some of the packet sniffers with a rich feature set, for instance Colasoft Packet sniffer, offers a lot in terms of traffic monitoring. Generally, even the packet sniffers with less features allow to monitor suspicious activity at least from a given host or protocol. </p> <p>One of the cases when packet sniffers don't offer much help is with encrypted traffic. This is a technical limitation and even though packet sniffers can intercept encrypted packets, they can't break the encryption and show the actual content of the packet. However, when you are monitoring a network and you notice that there is unauthorized encrypted traffic (for instance from a given host), this should ring a bell that something not nice is probably going on and you should take the adequate measures to investigate what exactly is happening. </p><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-84740029089722974362009-04-14T23:23:00.000-07:002009-04-22T02:38:54.149-07:00How to Sniff All Images of a WebpageIn case we want to sniff all images of a webpage, here is a detailed process how we can do it with <a href="http://www.colasoft.com/capsa/?prid=00060000">Colasoft Packet Sniffer</a>’s "Logs" feature. I will take the CNN.com home page as an example.<br /><br /><strong>Step 1. Open Log Settings</strong><br /><br />Log settings allows us to set up some conditions or exceptions whether or not record some logs in the Logs tab. If we want to display just images in the Logs tab, we must enable the HTTP Log conditions.<br /><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss1.gif"><img class="size-full wp-image-52" title="How to Sniff Images Screenshot 1" src="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss1.gif" alt="How to Sniff Images Screenshot 1" height="159" width="338" /></a><br /><br /><strong>Step 2. Enable Http Log Conditions</strong><br /><br />We must tick before Conditions to enable it<br /><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss2.gif"><img class="size-full wp-image-57" title="How to Sniff Images Screenshot 2" src="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss2.gif" alt="How to Sniff Images Screenshot 2" height="131" width="276" /></a><br /><br /><strong>Step 3. Input "Image" into Content Type</strong><br /><br />On the right hand, lets’ input the content type in order to filter contents<br /><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss3.gif"><img class="size-full wp-image-58" title="How to Sniff Images Screenshot 3" src="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss3.gif" alt="How to Sniffer Images Screenshot 3" height="188" width="291" /></a><br /><br />Here is an explanation of Content Type<br /><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss4.gif"><img class="size-full wp-image-59" title="How to Sniff Images Screenshot 4" src="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss4.gif" alt="How to Sniff Images Screeshot 4" height="192" width="291" /></a><br /><br /><strong>Step 4. "OK" to Activate the Setting</strong><br /><br />Now we’ve done with the Log Settings, let’s see whether we can sniff all images of CNN.com index page. First of all, let’s start capturing with Colasoft Packet Sniffer, then let’s input the URL into the address bar and start browsing.<br /><br />Results start showing in the Logs Tab – Http Request Option, we can see all results are in image formats. We have successfully sniffed all the images on this webpage.<br /><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss5.gif"><img class="size-full wp-image-60" title="How to Sniff Images Screenshot 5" src="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss5.gif" alt="How to Sniff Images Screeshot 5" height="306" width="366" /></a><br /><br />To view the image, we can click on the record, and it will be shown in a browser.<br /><br /><a href="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss6.gif"><img src="http://blog.colasoft.com/wp-content/uploads/2009/04/sniff-images-ss6.gif" alt="How to Sniff Images Screenshot 6" title="How to Sniff Images Screenshot 6" class="size-full wp-image-62" height="144" width="292" /></a><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-23861106683851353232009-04-13T00:42:00.000-07:002009-04-15T00:52:32.552-07:00Colasoft Packet Sniffer Capsa 6.9 Review<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZ8Ynx5c76vMB0Qz0t_Gm_WFT-KGUgyrFWwidUtfAvUV5jdAnma4zij61v5-r7Zb0wEiVBpXRymJridicVI2E-FV6jBGfTwxTrDMhAc5hHsojUTwv-7rUIL2aILwABGYxC8x-u0V3TN9w/s1600-h/1.gif"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer; width: 320px; height: 210px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZ8Ynx5c76vMB0Qz0t_Gm_WFT-KGUgyrFWwidUtfAvUV5jdAnma4zij61v5-r7Zb0wEiVBpXRymJridicVI2E-FV6jBGfTwxTrDMhAc5hHsojUTwv-7rUIL2aILwABGYxC8x-u0V3TN9w/s320/1.gif" alt="Colasoft Packet Sniffer Screenshot" id="BLOGGER_PHOTO_ID_5324089315977686034" /></a><span style="font-weight: bold;">Overview</span><br />Not so hard for a freshman.<br />Auto diagnosis.<br />Real time capture.<br />If it's cheaper, I will definitely buy it!<br />After using <a href="http://www.colasoft.com/capsa/?prid=00060002">Colasoft Packet Sniffer</a>, I found 3 features of this product:<br /><br />1.supports the real-time capturing and monitoring<br />2.excellent capability of protocol analyzing (approximately 300 types) and packet decoding<br />3.Well, the most exciting part is the automatic expert diagnosing! That really saves so much money and time for me, and I do not worry about the solution of failure again!<br /><br />Cost and performance are in desired level .<br /><br /><span style="font-weight: bold;">What It Is and What It Can Do</span><br />Colasoft Packet Sniffer is an expert packet sniffer and protocol analyzer designed for packet decoding and network diagnosis; it monitors the network traffic transmitted over a local host and a local network, with the ability of real time packet capture and accurate data analysis. Colasoft Packet Sniffer makes your network operations completely transparent before you, letting you isolate and troubleshoot network problems quickly and efficiently. The flexible and intuitive user interface lets either IT professionals or novice users skilfully handle it in a few moments.<br /><br />Easily understand how to use this packet sniffer with samples provided with the Tool. Sample packets helps me a lot for my first time deployment by avoiding contacting the Technical Support during my initial days of using this Tool.<br /><br />For a Small Business Enterprise, This tool's network diagnosis helps me to detect slow network and upgraded speed for better utilization.<br /><br />I prefer this for a Medium Business Enterprise as troubleshooting network issues is simply superb.<br /><br />For Medium and a Large Business Enterprises, Security is an issue.This packet sniffer enhances Network Security by monitoring the network with Logs. As every packet is recorded and analyzed, loopholes can easily detect.<br /><br />For every organization, security is a major concern. By using this tool Monitoring of Email Contents and Monitoring IMs, Chats is easy. Every information in Messegers, chats, HTTP Requests is logged .<br /><br />Can easily find where the problem from the Packet Analysis without letting the user to report about his huge traffic.<br /><br />For Internet Service Provider, this is very very useful tool. ISPs have problems of Server down issues due to huge traffics. By diagnosing with this tool, Server down issues can be reduced.<br />Prevent hibernation while capturing and view both IP Addresses and Hostnames. This is a good feature in upgraded version.<br /><br />Colasoft Packet Sniffer Supports Windows Vista-64 bit Edition. Able to identify and Analyze 300+ Network Protocols.<br /><br />By going through the site <a href="http://www.colasoft.com/?prid=00060002">www.colasoft.com</a>, I came to know that Colasoft Packet Sniffer Professional Edition available and used it for Analyses. It really good to use and operate. Everything is logged and my network usage is monitored.<br /><br />Videos in the website help me to understand the ARP Attacks, Monitoring Network traffic. So I can protect my network now by identifying the deceived hosts and by identifying who is consuming maximum bandwidth in a Local Segment.<br /><br />I can monitor the traffic either by protocol, IP or MAC Address. So much flexibility in using this packet sniffer.<br /><br />Internet Service Providers can use this tool for quick issue troubleshooting. Easy to identify problems and minimizes the time to service the customer.<br /><br />The reports are displayed with Graphs and Tables .Viewing the connection in a matrix is wonderful and it is something special in Colasoft Packet Sniffer. This pictorial representation is really good to sort out the issue by easily detecting.<br /><br />Colasoft Packet Sniffer has the tools that would not find in other protocol analyzers, including ping and scan IPs and MACS across the LAN.<br /><br /><span style="font-weight: bold;">Summary</span><br />Colasoft Packet Sniffer is an easy-to-use and all-in-one tool for IT Network Administrator, IT Consultant and for a Security Manager in IT Company.<br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-32431357127201474702009-04-08T02:16:00.000-07:002009-04-08T19:33:24.520-07:00Packet Sniffer, Basic Tool for Network Administrators<a href="http://www.colasoft.com/products/?prid=0306001"><img class="alignright size-medium wp-image-15" src="http://yournetworksniffer.wordpress.com/files/2009/04/distribution1.jpg?w=300" alt="packet sniffer screenshot" height="224" width="300" /></a><br /><br />Packet sniffers are a valuable tool for both network administrators and hackers. There are many <a title="download colasoft packet sniffer" href="http://www.colasoft.com/download/?prid=03060001" target="_blank">packet sniffers</a> on the market and one of the most sophisticated is the packet sniffer from <a title="Colasoft Official Website" href="http://www.colasoft.com/?prid=03060001" target="_blank">Colasoft</a><br /><br /><strong>Packet sniffers are one of the best tools a </strong><strong>network administrator has at his or her disposal to analyze network traffic and to troubleshoot problems. </strong>On the other hand, when a Packet sniffer is in the wrong hands – i.e. hackers use it – this can cause quite a lot of damage to a company or an individual, especially if the victim hasn't taken the required protective measures. You see, as with many things in life, packet sniffers can be a great tool to maintain a network, yet they can be very destructive, if misused.<br /><br /><strong>Packet sniffers are very common, choose a best packet sniffer for you.</strong> There are many packet sniffers on the market and they range from free, to cheap, to expensive, from very simple, to advanced, to packed with features. Each type of packet sniffers has its purposes and if you need a simple tool for quick results on a small network, you don't have to buy the most expensive packet sniffers, no matter that they have tons of features. But in reality, if you need a packet sniffer for professional use, low-end sniffers are not the answer and you need something more sophisticated, for example Colasoft Network Analyzer. Colasoft Network Analyzer is built around packet sniffing but includes many other useful features as well.<br /><br /><strong>As any other packet sniffer, the packet sniffer from Colasoft, intercepts and logs traffic, transmitted within a network (or a network segment).</strong> A packet sniffer can be really invisible because it monitors the network (almost) unobtrusively. Since a packet sniffer just sniffs the packets without modifying them, it doesn't cause disturbances to alert the administrator that something is going on. Unless the administrator doesn't run an anti-sniffer, the traffic can be eavesdropped and nobody will know about it.<br /><br />Of course, a good network administrator knows how to detect a packet sniffer, so if you plan to get Colasoft packet sniffer and use it in a malicious way, don't expect that this will go unnoticed. The packet sniffer in the Colasoft Network Analyzer is not stealth but since anyway Colasoft Network Analyzer is intended for network troubleshooting, not network hacking, there is no reason to worry that the packet sniffer is not hidden. When a network administrator uses a packet sniffer in order to legitimately monitor network traffic, he or she doesn't need cover.<br /><br /><strong>One of the most important features of a packet sniffer is the </strong><strong>protocols it can sniff.</strong> In this aspect <a title="Colasoft packet sniffer software products" href="http://www.colasoft.com/products/?prid=03060001" target="_blank">Colasoft Network Analyzer</a> is an unbeaten packet sniffer because it can monitor over 300 protocols. Colasoft knows that when the packets of major protocols are not captured, this gives a wrong impression about the traffic in the network and that is why Colasoft Network Analyzer supports so many protocols. And no, the protocols Colasoft Network Analyzer can sniff are not exotic ones – they are protocols used frequently in networks.<br /><br />Additionally, new and new protocols are added to the packet sniffer from Colasoft, so even if your network uses some really rare protocols, which are currently not supported by Colasoft Network Analyzer, they could be added in the future. Well, if you expect that the packet sniffer from Colasoft will sniff encrypted traffic, this will not happen because no packet sniffer can do it!Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-84608479120206291452008-12-02T00:38:00.000-08:002009-04-08T19:25:23.396-07:00Network Troubleshooting Made Easy, A Colasoft Software Solution<div style="text-align: left;"><span style="font-weight: bold;">The Challenge</span><br /></div>As the business is becoming more and more networked, it’s always necessary for network administrators to troubleshoot network issues in shortest time possible if the network is not functioning properly. Network downtime or network malfunction may cause headaching inconvenience or even millions of business losses if not settled up in time. Without a handy tool, network troubleshooting can be time-consuming and frustrating.<br /><br /><span style="font-weight: bold;">Old Ways – Time-consuming and Frustrating</span><br />There are a lot of articles providing guidance on how to troubleshoot network issues in general ways. For simple networking issues, these tutorials work fine. However, for a company-level network, issues are often complicated and mixed, and these issues require deeper analysis and stronger diagnosis abilities. Obviously, old ways are no longer suitable for today’s in-time network troubleshooting demands.<br /><br /><span style="font-weight: bold;">Troubleshooting Network Issues in Seconds</span><br />To troubleshoot your network in time, even in seconds is now possible with Capsa’s diagnosis feature. Network issues are automatically detected and clearly identified, with possible causes and solutions provided.<br /><br /><span style="font-weight: bold;">Automatic Diagnosis</span><br />Based on Colasoft’s packet analysis engine, Capsa is able to automatically detect network issues in different OSI layers, such as application layer, transport layer, and network layer. All these issues are marked with different severity levels, indicating which are critical issues that need to be addressed immediately, which are just informative messages.<br /><br /><div style="text-align: center;"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiROiRAaaNQQLPlm5BXBZIVzIAXXWtrxdNg4aIfzx4R4KhstNclFOuEzwcZsFbOnpGGSkvUjUAKEfbdN2Cl_J_9_R6JlL1o8DVmeTTXMj_cMBy_eMUbTMI_TSCLsXXTVZ4VyFwc39DPTFc/s400/at_diag.jpg" /><br /></div><div style="text-align: center;"><br /><span style="font-size:85%;">(Figure 1 Diagnosis Events List)</span><br /></div><br /><span style="font-weight: bold;">Quick Locate Suspicious Host</span><br />Once a critical network issue is detected and requires immediate handling, we can select the item from the list, then detailed information will be provided under, including source, destination, port and so on. We can easily locate the suspicious host in this field, for example, the attacking host or the host which is spamming our network. Moreover, after locating the suspicious host, we can conduct deeper analysis, such as protocol analyzing or packet decoding.<br /><br /><div style="text-align: center;"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg29L1XGnojrxu2Zp89oFvlDiYJtWWj9wF0zLK6gSknrNnKtyOYOSbKZ3ma8AX5mfU6-cr8uO8AGQsGIixcZQQjCviPloqDljY8sl6-27NB0wQNL8khSV6eh8DsEcy-XByOLmvX_9l8HLY/" /><br /></div><br /><div style="text-align: center;"><span style="font-size:85%;">(Figure 2 Diagnosis Details)</span><br /></div><span style="font-weight: bold;">Possible Causes & Solutions</span><br />When selecting a network issue from the list, possible causes and solutions are also provided for users to understand the issue and solve it as soon as possible.<br /><br /><div style="text-align: center;"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhSmRbFgjQ9VLJkqUMk2eWFwCiu-S4cFjDvNKBc5d3plCvAVovGae-Ghd0S0m8ANrp4IjPma_OR_4J2pcV9JruEhJIRe4GHqji5gIHL7T71GVIxaof0-GntrDmlvvT8wlZ9-rmK7OTuTc/" /><br /></div><br /><div style="text-align: center;"><span style="font-size:85%;">(Figure 3 Possible Causes & Solutions)</span><br /></div><span style="font-weight: bold;">Customizable</span><br />Depending on network sizes and network’s characteristics, we can customize the threshold that triggers one diagnosis event and the severity of the network issue.<br /><br /><div style="text-align: center;"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-wHFHeRodq54OvUvP6zQjsTWMiSS3Ay0PW_AcrBPkdZ8nfLK6_NkEGaD9QJaKahnB5gOksZ7hyoWRh5fHZ-OdKvcempHDV4bgJzy73Izjh3SOlVWTCaIGtpeILFj9TYsIcC53qNJz0RI/" /><br /><br /></div><div style="text-align: center;"><span style="font-size:85%;">(Figure 4 Customize Threshold)</span><br /></div><span style="font-weight: bold;"><br />Conclusion</span><br />It is always good to maintain the network running smoothly and properly without any problems. However, if a network issue arises, we must make sure it is quickly detected and solved before it affects the entire infrastructure and brings loss to our business. For the complexity of the network and variety of network applications, network troubleshooting is becoming more challenging and demanding. To have a powerful tool like Capsa in hand is must in everyday’s network management.<br /><br /><span style="font-weight: bold;">About Capsa</span><br />Capsa is packet sniffer software designed for network monitoring and troubleshooting purposes. It performs real-time packet capturing, 24/7 network monitoring, advanced protocol analyzing, in-depth packet decoding, and automatic expert diagnosing. By giving users insights into all of the network's operations, Capsa makes it easy to isolate and solve network problems, identify network bottleneck and bandwidth use, and detect network vulnerabilities, external attacks and insecure applications.<br /><br /><span style="font-weight: bold;">About Colasoft</span><br />Ever since 2001, Colasoft has been dedicated in providing all-in-one and easy-to-use network analysis software for customers to monitor, analyze, and troubleshoot their network. Up to now, more than 4000 customers in over 70 countries trust the flagship product – Capsa as their network monitoring and troubleshooting solution. The company also offers four free network utilities: <a href="http://www.colasoft.com/packet_builder/">Colasoft Packet Builder</a>, <a href="http://www.colasoft.com/packet_player/">Colasoft Packet Player</a>, <a href="http://www.colasoft.com/mac_scanner/">Colasoft MAC Scanner</a>, and <a href="http://www.colasoft.com/ping_tool/">Colasoft Ping Tool</a>. Learn more today at <a href="http://www.colasoft.com/">http://www.colasoft.com/</a><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0tag:blogger.com,1999:blog-8522588641740201139.post-31615564961786262162008-11-24T17:13:00.000-08:002009-04-08T19:34:24.061-07:00Top 10 Uses of Packet Sniffer Software<a href="http://www.colasoft.com/capsa">Packet Sniffer software</a> is a network monitoring tool that helps us to be in control of our network 24/7. All computer networks that are connected to the internet are highly vulnerable to security risks. If our networks are not constantly monitored, we can easily become a prey for the hackers. Packet sniffer software logs all traffic and all data that is sent in and out of the network that matches the specific packet criteria set by the network administrator.<br /><br />Packet sniffer software has a number of uses and all of them are of critical nature.<br /><br /><ol><li>Whenever there is a network related problem, we need some basic clues so that we can start addressing the problems. We will be able to get these clues from the packet sniffer software that is installed in the network. Therefore, packet sniffer software will not only help us monitor the network, but it will also help us <a href="http://www.colasoft.com/etherlook/">analyze the network traffic</a> so that we can identify any problem that crops up in the shortest time possible. </li><li>If there are any unauthorized intrusions, we will be able to detect the intrusions in good time. This will help us protect our network from the hackers.</li><li>We will be able to <a href="http://www.colasoft.com/capsa/network_bandwidth_analyzer.php">monitor the usage</a> levels of the network at any given time. This will help us optimize the usage if we need to. </li><li>Using packet sniffer software we can keep a tab on each user in the network and gather sensitive information including passwords. </li><li>Packet sniffers will also be useful to monitor ‘on the fly’ network traffic to determine what is going on in the network at any given time. </li><li>Packet sniffers are not only useful for network administrators, it is also useful for programmers and security professionals to study the network traffic and possible loopholes so that they can be sealed.</li><li>Parents can keep a tab on their children’s online PC usage. </li><li>For those who are in learning stages packet sniffer will help them <a href="http://www.colasoft.com/capsa/protocol_analyzer.php">understand various protocols</a> of the network such as HTTP, POP3, STMP, etc. </li><li>The reports generated can be used to build reliable statistics about the network use. </li><li>You will be able to find reasons for system slowdown. Using the packet sniffer software you will be able to troubleshoot the problem in the shortest time possible. </li></ol><br />There many other uses besides the ones mentioned above. In addition, there are many packet sniffer software products available in the market. When you want to install packet sniffer software in your network, you must spend enough time in identifying the best packet sniffer software. The product you select should be a versatile tool and a popular product that has been tested in a variety of situations. It should be capable of handling small as well as large network without causing any problems in the network. One of the best packet sniffer software available in the market is <a href="http://www.colasoft.com/capsa">Colasoft Capsa</a>. For more information about this versatile tool, visit <a href="http://www.colasoft.com/">Colasoft.com</a>.<br /><br /><span style="font-weight: bold;">About Colasoft</span><br />Ever since 2001, Colasoft has been dedicated in providing all-in-one and easy-to-use network analysis software for customers to monitor, analyze, and troubleshoot their network. Up to now, more than 4000 customers in over 70 countries trust the flagship product – Capsa as their network monitoring and troubleshooting solution. The company also offers four free network utilities: <a href="http://www.colasoft.com/packet_builder/">Colasoft Packet Builder</a>, <a href="http://www.colasoft.com/packet_player/">Colasoft Packet Player</a>, <a href="http://www.colasoft.com/mac_scanner/">Colasoft MAC Scanner</a>, and <a href="http://www.colasoft.com/ping_tool/">Colasoft Ping Tool</a>. Learn more today at <a href="http://www.colasoft.com/">http://www.colasoft.com/</a><br /><br /><!-- AddThis Button for Post BEGIN --><br /><div><script type="text/javascript">addthis_url='<data:post.url/>'; addthis_title='<data:post.title/>'; addthis_pub='snifferclub';</script><script src="http://s7.addthis.com/js/addthis_widget.php?v=12" type="text/javascript"></script></div><br /><!-- AddThis Button for Post END -->Kevin Zhouhttp://www.blogger.com/profile/10834917473676154644noreply@blogger.com0