VisualEther Protocol Analyzer is a simple-to-use application capable of producing sequence and call flow diagrams using Wireshark data. This helps you better analyze information with the aid of a visual trace of the packet flow between different nodes.

Generate diagrams with Wireshark packet info

The program can create sequence diagrams at IP address or port level, get messages from GTO tunnels, as well as leave out repeating RTP or RTCP packets. It uses regex to find and indicate error scenarios. If it fails to report messages, this can be bookmarked in a PDF file for troubleshooting purposes.

Moreover, you can define the template used for generating data from the Wireshark output in XML format. As far as protocols are concerned, VisualEther Protocol Analyzer supports IPv4, IPv6, Ethernet and wireless network connections. Transport layer compatibility extends to TCP, UDP and SCTP.

Easy-to-install prerequisites and clear-cut interface

To be able to successfully use this tool, you must first download and install the prerequisites package. It includes the latest .NET Framework and SumatraPDF. If you already have these components, then you can skip this step. Just make sure that Wireshark is properly installed or you will have to specify the correct path to the PCAP or PDML file from the main window of VisualEther Protocol Analyzer.

The interface is user-friendly. Besides the PCAP or PDML file from Wireshark, you can indicate the field extraction template (FXT) file in XML format. Before generating the diagram, you might be interested in paying a visit to the settings panel in order to set the axis to TCP/UDP/SCTP, IP address or IP address and port number level.

Configure settings before creating diagrams

As far as additional configuration settings go, it's possible to set the maximum parameters per message and packets per PCAP file, as well as change the default path to EventStudio, tshark (Wireshark command line), SumatraPDF, style and theme, along with default Hosts file. Log details can be inspected while diagrams are being generated.

The utility managed to rapidly put together diagrams in our tests while remaining light on system resources consumption. Taking into account its clean interface and intuitive options, VisualEther Protocol Analyzer comes to the aid of all users looking to generate diagrams with Wireshark input.

Filed under

Analyze protocol Sequence diagram designer Trace packet flow Protocol Analyzer Diagram Sequence

Nethor

Efficiently and accurately analyze your computer's network traffic and get customized reports as well as nice visual representations with the help of this app.

Packet analyzers are used for monitoring, intercepting, and also decoding data packets transmitted across the network. Some, more advanced, packet analyzers can efficiently intercept and log traffic that passes over a network or parts of a network.

Nethor is one such software - a packet analyzer for Windows that also doubles as a network visualization tool that allows you to visualize packets and nodes in a wide spectrum of ways.

Getting started with Nethor

Because Nethor is a portable application and it does not use any third-party modules and plug-ins, it can be run on basically any computer, or directly from USB sticks or other external storage devices, without much effort.

However, please note that the presence of .NET Framework 4.5 or later is required on the computer it's meant to run on.

Nethor's feature-set

Even though Nethor is a free product, it has a lot of useful features. For starters, it's worth noting that it can work with multiple PCAP/PCAPNG files at once (multiple files can be operated as one).

Another great aspect of this app is that it allows you to build your own filters and inspect each and every protocol in detail. The supported link types include Ethernet, IEEE 802.11, and IPv4/6. It also has a live capture option, but it only works for IP.

Other noteworthy features include the ability to resolve physical, network and transport addresses, simple packet data hex and text edit, packet data hex and text edit, and something called packet playback.

One of the app's greatest strengths is the fact that it allows you to visualize connections in a variety of ways. For instance, you can visualize the connection in a matrix configuration, all the IP connections in a 2D world map, as well as visualize all the packets on a basic timeline (with a zoom option included).

Conclusion

Taking everything into consideration, Nethor fairs well against most other packet analyzers thanks to its plethora of useful features and neat visualization tools. It's easy to use and it allows basically everybody to capture the network traffic, analyze the data and pinpoint the source of a potential issue and even various tools to prevent them from happening in the future.

Filed under

Packet Analyzer Network Visualizer Traffic Analyzer Traffic Packet Analyzer Visualizer

IP Tools

Perform various network-related actions from your computer such as scanning for IP addresses, pinging a host or shutdown a machine with this tool.

IP Tools ensembles a collection of various applications targeting the network adapter of your computer. The main component of IP Tools is the packet sniffer (aka network / protocol / packet analyzer or Ethernet / wireless sniffer) that intercepts and logs network traffic.

Includes monitoring and management tools

In order to work with any Windows version, the sniffer uses three methods: the new raw socket implementation of Windows 2000, the WinPcap application or the NDIS protocol. Its main objectives are filtering, decoding and parsing. The interface looks pretty simple at the surface, but once you get into its menus, a whole new world reveals itself. One thing is certain - IP Tools is definitely an application built for advanced users.

The suite consists of multiple individual tools, ranging from basic bandwidth monitoring to spoofing and decoding. The included bandwidth monitor works both locally and remotely, providing the IP LAN activity for the selected interface. The Adapter Statistics program displays data for several protocols such as IP, TCP, UDP or ICMP alongside graphs for directed, broadcast and multicast packets.

MAC changer, hostname resolver, and decoders

You can easily list all ARP entries, find out what ports are opened, retrieve information for specific network adapters or view the routing table of your PC. Other tools help you hook Winsock APIs to certain processes, perform ARP spoofs by tricking remote hosts with bogus ARP replies as well as TCP, UDP or ICMP packets.

MAC address changing is possible along with SNMP, WINS, DNS, DHCP or SMTP configuration. Hostname Resolver is also included in the pack in addition to Whois, TCP tools (scan, ping or client/server), UDP tools (MSSQL / SNMP / SSDP ping) and ICMP tools (ping and tracert).

You can also make use of various decoder tools comprising Protected Storage, Dump Credentials, Password Reveal, Dialup Password, Hash Calculator or Decode IE History / Base64 / MDB or RDP (Remote Desktop Protocol). The collection concludes with numerous MS Networks, processes, firewall and Internet IP applications such as retrieval of NetBIOS names table, remote registry or drivers.

To conclude

IP Tools features a comprehensive set of programs to say the least. It encases the a great pack of network software that comes in very handy for network administration daily tasks as well as more in-depth analysis and configuration. Although its interface does not make it attractive at all, IP Tools fills that gap with a broad selection of precise programs to make network management a swifter experience.

Filed under

Protocol analyzer Packet sniffer IP traffic monitor Protocol Analyzer Filtering Traffic

Download Hubs

IP Tools is part of these download collections: Network Sniffers, WHOIS Clients

PTP Track Hound

Capture, visualize and analyze PTP (Precision Time Protocol) network traffic with the help of this well-thought-out piece of software.

PTP Track Hound is an interesting and useful piece of software designed to provide you with all the necessary tools in order to record and analyze PTP (short for Precision Time Protocol) network traffic.

An easy to work with as it is to install

It can be deployed on your computer's system with a minimum of effort on your behalf, mainly thanks to a straightforward, wizard-based installer. The only thing to keep in mind, though, is the fact that the app requires the presence of WinPcap on your computer's system in order to run as intended.

Once launched, you are bound to discover a fairly intuitive yet not-exactly-modern user interface. The fact that the app's main window is split into four parts is probably the first thing you will notice.

Uncomplicated and very efficient networking tool

The upper left section is the "Messages" section, and it's the place where you can view all the captured PTP entries. Please note that you can also filter messages by protocol, domain, type, and device source. Move a bit lower, and you can view the "Message Details" tile. Basically, you can analyze all PTP messages in details thanks to a very smart hover-on-demand highlighting system.

In the upper right side of the main window you can locate the "Devices" area and, as its name suggests, is the place where you can view the actual devices detected on your network in hierarchal order. Right under it, there's the "Events" section which should be helpful when it comes to discovering new devices. It may also prove to be useful by pointing out when a device's state changes.

Capture PTP traffic with the help of this specialized tool

Having said all that, it's safe to say that PTP Track Hound is an efficient networking tool that comes in handy for users who are keen on learning more about the relationship and behavior or various PTP devices on their network. The application is easy to install, intuitive enough to be used by even the most novice of users, relatively lightweight on system resources, and it's also backed up by a simple yet useful Getting Started manual.

Filed under

Track PTP PTP Analyzer PTP Tracker Wireshark PTP Tracker Analyzer

CommView for WiFi

A program for capturing traffic on 802.11a / b / g / n networks alongside some powerful features regarding packets as well as nodes.

Network traffic monitoring is a task that requires specialized tools and a specialist to interpret the data, so this means it is an undertaking only for professionals. Thing may be even more complicated if the tracked network is a wireless one, because hardware and software compatibility and communication plays an important role.

A tool that was especially designed for the above mentioned purpose is CommView for WiFi. It serves as both monitor and analyzer for data moving through WLAN channels.

The program comes with a neat interface, well organized and quite easy to understand. Nodes, channels, packets, VoIP and logs are available each from its own tab and the 'Detailed View' option will display all the available information.

CommView for WiFi is able to look into every packet of data and reveal details concerning access points, as well as various stats including those for each channel and node, signal strength, protocol distribution, connections list and many more.

The application supports decoding captured packets and thanks to its impressive support for more than 70 protocols, CommView for WiFi will allow you to get every bit of information with regard to the network traffic.

With this utility you can also view call logging details and get full reports about SIP Sessions, H.323 Sessions, RTP Streams, Endpoints, Registrations and Errors. You can create advanced rules for capturing or ignoring packets and even set alarms for specific events.

To sum it up, it's safe to say that CommView for WiFi manages to put up a very good performance, backed by a strong feature pack. It provides many useful functions and, even if it's addressed to professionals rather than average users, the software is still quite easy to operate.

Filed under

Capture traffic Analyze network Analyze data WiFi Traffic Wireless Analyze

Download Hubs

CommView for WiFi is part of these download collections: Wireless Detector, Network Sniffers

Wireshark

Advanced network protocol analyzer made to intercept traffic, monitor sent/received data packets, investigate network issues and suspicious activity, generate statistics, featuring color-coded packet types.

If your computer is always connected to the Internet or local network, it's vulnerable to hacker attacks and malware infections. In addition to using a powerful and updated antivirus solution (obligatory for any responsible PC user), you can also use a network analysis tool to identify the malicious packets and block them. Such an application is Wireshark and it's free to use.

Customizable setup pack

When deploying Wireshark on your computer, you can choose the plugins and extensions you want to install, such as the Dissector plugin, Tree Statistics, SNMP MIBs, or the Meta Analysis and Tracing Engine.

Since these utilities are meant to provide a wider range of information about your network traffic and they can be easily disabled, it is advisable to install them alongside Wireshark. The same advice applies to the extra tools bundled with the setup and to the recommended file associations for trace files found on the PC.

The final step before finalizing the initial configuration is for the setup to check whether you have WinPcap installed on your computer, and to install it if missing.

Set filters to capture network traffic

If you are using several network cards, Wireshark lets you choose the one for capturing the network traffic. Once the capture has begun, you can monitor all the connections and their corresponding details – you also get the chance to create filters to keep an eye on just certain types of connections.

Color-coded packet types to spot them easier

Another way to make sure you correctly monitor the type of packets you want is to apply color schemes for each type of connection, so that the most important ones are the most visible. If you are not satisfied with the color templates provided by Wireshark, you can create a custom one by specifying the shade and string to be monitored.

Wireshark also comes with a Statistics function that can be used to generate reports to be analyzed at a later time. Depending on your necessities, you can choose to view the details of the protocol hierarchy, endpoint, packet lengths, or the IO graph.

Overall, an advanced and dependable protocol analyzer

With all things considered, Wireshark can come in handy to all those who want to be in control of their network connections and limit them whenever needed. However, it does take an expert to use the app to its full potential.

Filed under

Network diagnostic Protocol analyzer Network monitor Protocol Analyzer Diagnostics Analysis

Download Hubs

Wireshark is part of these download collections: Network Sniffers

Eye P.A.

A Wi-Fi network packet analysis application that can help you detect connection problems and suggest improvements that can enhance speed.

Eye P.A. is an advanced 802.11 network diagnostics and packet analysis utility that can assist administrators in efficiently identifying connection problems. It can thoroughly examine the structure of the transmitted data and display it graphically, enabling you to analyze packets in detail.

Advanced network packet analysis

Eye P.A. is especially designed for Wi-Fi networks, providing compatibility with AirPcap Nx, a powerful USB-based packet capture device. Alternatively, you can load locally stored packet files and proceed with the analysis. The range of supported formats includes PCAP, WCAP, PCAPNG, NCF, PKT, APC and CAP.

The application inspects the packet, retrieving information concerning the channel selection, the packet ratio and the data rates. But its functionality is not limited to data collection. Based on these details, it can explain potential issues that affect the network and provide useful suggestions to fix problems.

Data visualization and exporting options

Eye P.A. generates a color-coded pie chart containing data about the total air time, the amount of transferred bytes or the number of packets. Moving your mouse cursor over the graphical representation reveals popup windows showing you details about the corresponding data type.

In addition to this, it shows you all the access points, information about client devices that correspond to a particular SSID and the various frame types transmitted throughout the network.

Data can be filtered based on the SSID, the MAC address, the data rate and various other criteria, while the packet structure is displayed in an organized table, enabling you to view wireless data exchange sessions. Moreover, all the gathered information can be easily exported to Wireshark for further analysis.

Analyze network packets to identify and solve problems

Eye P.A. can be of great use to administrators and regular users alike, providing them with a advanced packet analysis application for 802.11 networks. It can offer practical suggestions that can help them enhance the network speed and improve its reliability.

Filed under

Network diagnostic Protocol analyzer Packet analysis Network Diagnostic Connection Analysis

York

Records network traffic to capture files, pictures, passwords and web sessions, enabling you to configure network adapter and logging settings.

York is a simple-to-use application that logs all network traffic. It primarily caters to advanced users, such as network administrators.

Review passwords, web sessions, and pictures

After a brief and uneventful setup procedure, you can check out the user-friendly interface, represented by a regular window divided into multiple tabs for viewing packets and other data.

Network traffic monitoring automatically starts at initialization. You can view the time, addresses, port number and packet size for each host.

In addition, you can view captured files, passwords, web sessions and pictures, as well as check out the database log and search for information by various criteria (e.g. type, address, port). It can be exported to CSV format for further scrutiny.

Set the save location of the database

As far as program configuration is concerned, you can select the network adapter, ask the tool to log TCP, UDP, ICMP and NETBIOS packets, append the start time to the log file name, and enable sound notifications on certain events (e.g. new connection).

Furthermore, you can set York to automatically run at system startup, assign a password for accessing information and the Options dialog, as well as use MySQL to store logs, among others.

A few last words

York is light on the system resources, so it doesn't put a strain on computer performance or interrupt normal activity. We haven't come across any issues in our tests, since the app did not hang or crash. All in all, York includes a set of handy features for monitoring network traffic.

Filed under

Log traffic Monitor network Network traffic Traffic Network Monitor TCP

WifiChannelMonitor

A Wi-Fi traffic capturing application that enables you to view a list of all the access points, the connected clients and their identification information.

WifiChannelMonitor is a network traffic monitoring application that can help administrators obtain important information concerning the available access points and the connected Wi-Fi clients. Alternatively, it can also be used for reading CAP files generated by a third party packet capturing utility.

Retrieves data about access points and wireless clients

Making use of the Microsoft Network Monitor capture driver, WifiChannelMonitor can retrieve details about Wi-Fi clients that are not connected to an access point, alongside their MAC address, the amount of sent and received data, the device name and its model, the PHY traffic mode (802.11g, 802.11n etc.), as well as security-related information, such as the used key and ciphering algorithm.

For all the access points it detects, it displays the SSID and the MAC address, the channel, the PHY type, the number of beacons and received responses, the transferred data, used security algorithm for data encryption and so on. All this is displayed in an organized table, where you can sort all the records by simply clicking on the table headers.

Simple configuration and fast identification of active clients

WifiChannelMonitor is very easy to configure, thanks to its intuitive options and clear-cut interface. You start by choosing the wireless adapter from the 'Options' area, setting the desired channel and activating the monitor mode.

The GUI is split into two separate panes. The first lists the identified access points, whereas the second is dedicated to the Wi-Fi clients detected by the application. Clients that have performed transfers within the last 10 / 60 seconds are marked with green and orange, respectively, while the one that had no activity in the last minute are marked with a red icon.

A reliable Wi-Fi monitoring application

WifiChannelMonitor can prove useful to any network administrator who wants to keep a close eye on the access points in the network and monitor clients that are trying to initiate a connection. It enables them to view data in real time and generate complete HTML reports that can be quickly shared with other users.

Filed under

Network monitor Wi-Fi traffic Traffic capture Wi-Fi Traffic Capture Monitor

CommView

Captures network packets, allowing you to browse the connection history, run whois on different hosts, and analyze the transferred data.

Network security administrators require advanced software tools in order to keep an eye on the LAN activity, capture and analyze both sent and received packets. CommView is an intuitive application that serves this exact purpose, enabling users to monitor the network traffic.

The application can only be used with dial-up or Ethernet networks, but a Wi-Fi monitoring edition is also available. It aims to gather information with regard to the latest initiated IP connections, transferred packets, sessions, opened ports, hosts, VoIP and decode the extracted data.

Within its user-friendly and well-organized window, you can view a list of the active network connections and network statistical data (bandwidth utilization, traffic reports in real time). Furthermore, CommView is capable of analyzing individual data packets and display their source and destination, network access points, used protocols, ports, channels and nodes.

The powerful filtering system enables you to create rules that exclude certain packets and capture others, while the customizable alarms help you set automatic text, sound and e-mail notifications for specific events, such as the detection of suspicious packets, unidentified connections or bandwidth threshold exceeding.

With the help of this application, you can read call logs and generate reports concerning H.323 or SIP voice communication sessions, errors and endpoints. It provides support for the most widespread protocols and allows you to easily reconstruct TCP sessions or UDP streams.

CommView enables you to search for hex data within the captured packets, import them to other similar applications or save them to log files for later reference. Also, IP addresses can be exported to SmartWhois for performing address lookup. Additionally, it comes with a packet generator, remote monitoring and performance statistics reports.

Combining ease of use with an advanced feature set, CommView provides a complete set of tools for monitoring the traffic, analyzing the content of the transferred data and viewing network statistics.