Sniffer programs free


















PRTG can be started within minutes and it's compatible with many mobile devices. PRTG monitors these vendors and applications, and more, in one view! Servers, routers, switches: A network contains countless different devices, and an error or malfunction can occur anywhere. Without a monitoring tool, you can spend hours or even days searching for a failed switch. If cloud applications run properly, they can save your company money. But when they go down, they can be the source of a great deal of frustration.

Here too, its numerous preconfigured sensors are extremely handy. The aim was to tune the network monitoring software closer to the needs of the administrators.

Since , we offer monitoring solutions for businesses across all industries and all sizes, from SMB to large enterprises. We believe monitoring plays a vital part in reducing humankind's consumption of resources. Our products help our customers optimize their IT, OT and IoT infrastructures, and reduce their energy consumption or emissions — for our future and our environment.

Free network sniffer: Use our Packet Sniffer Sensor for a quick overview of

You can get either edition of the NetFlow Analyzer on a day free trial. LiveAction Omnipeek, previously a product of Savvius, is a network protocol analyzer that can be used to capture packets as well as produce protocol analysis of network traffic. Omnipeek can be extended by plug-ins. However, the addition of the Capture Engine plug-in gets the packet capture function.

The Capture Engine system picks up packets on a wired network; another extension, called Wifi Adapter adds wireless capabilities and enables Wifi packets to be captured through Omnipeek. The functions of the base Omnipeek Network Protocol Analyzer extend to network performance monitoring.

As well as listing traffic by protocol, the software will measure the transfer speed and regularity of traffic, raising alerts if traffic slows down or trips past boundary conditions set by the network administrator. The traffic analyzer can track end-to-end transfer performance across an entire network, or just monitor each link. Other functions monitor interfaces, including incoming traffic arriving at web servers from outside the network.

The software is particularly interested in traffic throughput and a display of traffic per protocol. Data can be viewed as lists of protocols and their throughput or as live graphs and charts. Packets captured with the Capture Engine can be stored for analysis or replayed across the network for capacity testing. Omnipeek installs on Windows and Windows Server. However, it is possible to get Omnipeek on a day free trial.

The fundamental tool of almost all network traffic collection is tcpdump. It is an open-source application that comes installed on almost all Unix-like operating systems.

Tcpdump is an excellent collection tool and comes complete with a very complex filtering language. Capturing all data from a network device on even a moderately busy network can create too much data to analyze efficiently. For example, in writing this article, I captured some traffic and noticed that my machine was sending traffic to an IP address I did not recognize.

It turns out that my machine was sending data to a Google IP address of Since I did not have any Google products running, nor Gmail open, I did not know why this was happening. I examined my system and found this:

It seems that even when Chrome is not running in the foreground it remains running as a service. I would not have necessarily noticed this without a packet analysis to tip me off. I re-captured some more tcpdump data but this time told tcpdump to write the data to a file that I opened in Wireshark (more on that later).

Tcpdump is a favorite tool among sysadmins because it is a command-line tool. It is unusual for production servers to provide a desktop because of the resources that would take, so command-line tools are preferred.

As with many advanced tools, tcpdump has a very rich and arcane language that takes some time to master. A few of the very basic commands involve selecting the network interface from which to collect data, and writing that data to a file so it can be exported for analysis elsewhere. The -i and -w switches are used for this.

The standard TCP capture file is a pcap file. It is not text so it can only be read by an analysis program that knows how to read pcap files. Most useful open source tools are eventually cloned to other operating systems. When this happens, the application is said to have been ported over.

WinDump is a port of tcpdump and behaves in very similar ways. One major difference between WinDump and tcpdump is that WinDump needs the WinPcap library installed prior to being able to run WinDump. Despite both WinDump and WinPcap being provided by the same maintainer, they are separate downloads. WinPcap is an actual library that needs to be installed. But, once it is installed, WinDump is an. As with tcpdump, WinDump can output network data to the screen for analysis, be filtered in the same way, and also write data to a pcap file for analysis offsite.
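The pcap file that tcpdump and WinDump write is a small binary format, and reading it directly shows what an analysis program does with it. The following is an added example, not code from the original article: it parses a classic pcap byte string and totals IPv4 bytes per destination address, the kind of summary that surfaces an unexpected remote host. It assumes Ethernet link type and classic microsecond pcap (not pcapng); the sample capture and its documentation-range addresses are constructed.

```python
import struct
from collections import Counter

def build_pcap(packets):
    """Build a little-endian classic pcap (Ethernet) from (src, dst, payload) tuples."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, (src, dst, payload) in enumerate(packets):
        eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"   # dst MAC, src MAC, IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, 6, 0, bytes(src), bytes(dst))
        frame = eth + ip + payload
        # Record header: ts_sec, ts_usec, captured length, original length
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def bytes_per_destination(pcap):
    """Return Counter {destination IP: total IPv4 bytes} for a classic pcap."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"          # written on a little-endian host
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"          # written on a big-endian host
    else:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled here")
    totals, off = Counter(), 24
    while off + 16 <= len(pcap):
        _, _, incl_len, _ = struct.unpack(endian + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue          # truncated frame or not IPv4
        total_len = struct.unpack("!H", frame[16:18])[0]   # IPv4 total length
        totals[".".join(str(b) for b in frame[30:34])] += total_len
    return totals

# Constructed sample capture using documentation-range addresses
ME = (192, 0, 2, 10)
SAMPLE = build_pcap([(ME, (198, 51, 100, 7), b"x" * 100),
                     (ME, (203, 0, 113, 5), b"y" * 40),
                     (ME, (198, 51, 100, 7), b"z" * 60)])

if __name__ == "__main__":
    for ip, n in bytes_per_destination(SAMPLE).most_common():
        print(f"{ip:15} {n} bytes")
```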

Wireshark can not only capture data, but also provides some advanced analysis tools. Adding to its appeal, Wireshark is open source, and has been ported over to almost every server operating system that exists. Starting life named Ethereal, Wireshark now runs everywhere, including as a standalone portable app. The collected packets can then be analyzed all in one spot.

At first launch, Wireshark allows you to either load an existing pcap file, or start capturing. If you elect to capture network traffic, you can optionally specify filters to pare down the amount of data Wireshark collects.

One of the most useful tools Wireshark provides is the ability to follow a stream. In the screenshot below we can see a lot of data has been captured, but what I am most interested in is that Google IP address. The same filters and tools that can be used for natively captured network data are available for imported files.

TShark is a handy cross between tcpdump and Wireshark. Tcpdump excels at collecting data packets and can very surgically extract only the data you want, however it is limited in how helpful it can be for analysis.

Enter TShark; it captures and analyzes but does the latter on the command line. This command tells TShark only to bother capturing the destination IP address as well as some other interesting fields from the HTTP part of the packet.

It's got a clean UI, plenty of options for filtering and sorting, and, best of all for some of the multi-platform folks, it jives happily on any of the big three in terms of OS. Add to that the fact that it's open-source and a Free Sniffer and you've got a compelling tool to reach for when you need some quick diagnostics.

Tcpdump is something of an older tool and, to be frank, it looks like it. But there's a certain power in tools that are so cut and dry — it does what it needs to do, does it with as little a footprint as possible, and does it cleanly. It may be harder for some professionals to weed through the stark tables of data, but in some environments, or on a machine barely running, minimal is best. It has all the functionality you'd want and need from a sniffer — capturing, recording, etc.

Tcpdump is often called for due to its sheer reliability and simplicity.

Kismet is more than just a packet sniffer and, in fact, delves into a wide range of functionality. Kismet even has the ability to sniff and analyze traffic of hidden networks or un-broadcasted SSIDs! Tools like this can be strangely invaluable in the right circumstances when there's something unknown causing troubles and you can't just find it — Kismet can sniff it out, if it happens to be a rogue network or AP acting up that nobody mentioned they set up not quite right.

As one can imagine by the nature of wireless networking it's a little more complex when it comes to sniffing, which is why a specialized tool like Kismet not only exists but is looked to frequently.

Kismet is an excellent go-to if you've got a lot of wireless traffic and wireless devices and need a tool that's better suited to handling a wireless-heavy network.

EtherApe has a lot of the same sort of functionality that Wireshark does and, to boot, it also boasts being both open source and free of any cost!

Whereas Wireshark has you peering at lists of numbers and comparing network throughput in a more numerical sense, EtherApe takes the focus more to the visual and graphical realm.

Some people just plain prefer the visual approach, and EtherApe tends to take precedence over Wireshark for those folks.

This particular software has a bit of a curious name, and it belies the remarkable breadth of tasks the program can perform. It can even perform limited password recovery, do dictionary attacks to retrieve lost credentials, peruse VOIP data on the network, analyze routing, and so much more. This is a powerful tool that can really shine in those rare instances when you need to do a little search and recovery on a network.

NetworkMiner is another tool that does more than sniff and, arguably, would be better suited to ferreting out problematic users or systems on a network than overall diagnosis or monitoring as a whole. Whereas other sniffers focus on the packets being sent back and forth, NetworkMiner is paying more mind to the ones doing the sending and receiving.

This software's name says it all — it's a lot like Kismet, but for the Mac environment. Simple as that. These days Kismet has a Mac environment port, so it may seem redundant, but it's worth emphasizing that KisMAC actually has its own codebase and was not directly derivative from Kismet's. Of particular note is that it offers several mapping and de-auth features on Mac that Kismet itself doesn't provide, and due to its unique codebase you may find it does the job better than Kismet itself at times.


