Saturday 5 November 2016

Capture And Analyze Your Network Traffic With DripCap


DripCap is a cross-platform, open source packet sniffer that lets even complete beginners inspect the traffic on their network.



The program is simple to set up: no installation or third-party capture tool is required, just unzip the download into any convenient folder.

There is no complexity in the workflow, either. Click "Start a new capture", choose a network adapter, click Start and DripCap gets to work.

Basic packet details are displayed as they are captured: type (TCP, UDP, DNS, ARP, etc.), source and destination IP addresses, and the packet length.

When you click on a packet, you get a low-level breakdown: timestamp, MAC addresses, source and destination ports, and other information related to IP and TCP.

There is also a hexadecimal and text display of the packet's contents, which can contain URLs, logins or other clues to its purpose.

DripCap offers flexible filters to define exactly which packets are captured or displayed. You configure them by typing text commands instead of selecting menu options, but it is still difficult to use.

For example, you can type "tcp" to view only TCP packets, "tcp.ack" for ACKs, or "payload.length > 80" to see packets with lengths greater than 80. You get the idea.

There are some annoying limitations, such as the inability to resolve IP addresses or to save the complete capture for later analysis.

On the positive side, the program has some unusual extensions, including a real-time P2P network display that shows your connections as a cloud. This sometimes locked up DripCap when we tested it with a real P2P download, so there is work to do, but that is to be expected in a first version, and at least the developer has some ambition.

Overall, DripCap is relatively basic, but it is easy to use and shows some promise as a packet capture tool for the future. Give it a try.

DripCap is available for Windows, Mac and Linux 64-bit.
