Analyzer 3.0 (alpha) 1.0

Analyzer is a fully configurable Network Analyzer for Win32. It includes several functionalities that are needed by network management operators. Analyzer is based on WinPcap and is able to capture packets on most Win32 platforms (and link-layer technologies).

Analyzer 3.0 comes with event logging, LAN monitoring and traffic monitoring capabilities.

However, the most valuable feature of Analyzer 3.0 is its ability to parse network packets according to protocol descriptions contained in external files, which can be modified at run-time by the user. These files are written in the new NetPDL language; if you are interested in that, please read the Protocol Dissectors Section.

We moved the development of Analyzer to the SourceForge.net servers. You can use all their facilities for submitting a request, subscribing to the mailing lists, browsing the latest code, and so on.

This program is currently being developed at Politecnico di Torino and is released under a BSD licence. The program is free, but we would like to receive a small contribution from all the companies that are using our tools for business. Please, be honest: if you get (or save) money from our work, share part of it with us.

What does Analyzer do?

Analyzer is not a simple network sniffer. Here is a brief summary of what it can do.

Network Sniffer
Analyzer can capture (and display) packets on both the local machine and remote probes, thanks to the full support of the Remote Capture functionality of WinPcap.
Additionally, one of its most valuable features is the ability to parse network packets according to protocol descriptions contained in external files, which can be modified at run-time by the user. These files are written in the new NetPDL language; if you are interested in that, please read the Protocol Dissectors Section.

Advanced sniffing capabilities
Thanks to its full support for the WinPcap remote capture capabilities, Analyzer is able to display packets currently being captured on another (remote) host. This can be done even if the remote host is behind a firewall, thanks to the support of the Active Mode remote capture. Analyzer also supports sampling, in order to reduce the amount of traffic sent by the remote host to Analyzer. Sampling is also available when capturing from a local interface.

End-to-end Reachability Monitor
Analyzer can monitor the reachability of remote hosts (through a set of ICMP ECHO, aka PING, packets), saving the data into a database and computing additional statistics. The user can later retrieve historical data to see how the reachability of a host changed over time.
Additionally, the user can set alarms (e.g. "send an e-mail") to be raised on certain events (e.g. "host down").

Local Network Host Monitor
Analyzer can discover the active stations on your local network and display their MAC, IPv4 and IPv6 addresses, and their canonical names.
This module can monitor the availability of the stations and signal whether a host is up, is down, and so on. Furthermore, it can detect address spoofing (e.g. when the same IPv4/IPv6 address appears to be bound to more than one MAC address).
Additionally, the user can set alarms (e.g. "send an e-mail") to be raised on certain events (e.g. "possible spoofing").
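
The spoofing check described above, sketched as an added example (this is not Analyzer's own code): it covers only IPv4 over ARP, and the function names and the constructed sample frames are assumptions. A second MAC for one address can also come from a replaced NIC or a reassigned lease, so the result is reported only as possible spoofing.

```python
import ipaddress
import struct
from collections import defaultdict

def parse_arp_sender(frame: bytes):
    """Return (sender_ip, sender_mac) from an Ethernet II IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":   # too short or not ARP
        return None
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):  # Ethernet/IPv4 only
        return None
    mac = ":".join(f"{b:02x}" for b in frame[22:28])
    ip = str(ipaddress.IPv4Address(frame[28:32]))
    return ip, mac

def find_ip_conflicts(frames):
    """Map each IPv4 address claimed by more than one MAC to its sorted MAC list."""
    seen = defaultdict(set)
    for frame in frames:
        parsed = parse_arp_sender(frame)
        if parsed is None:
            continue
        ip, mac = parsed
        if ip == "0.0.0.0":   # ARP probes (RFC 5227) carry no sender address
            continue
        seen[ip].add(mac)
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}

def make_arp(sender_mac: str, sender_ip: str, target_ip: str, oper: int = 2) -> bytes:
    """Build one ARP frame as bytes; used only to construct the sample input."""
    sha = bytes.fromhex(sender_mac.replace(":", ""))
    eth = b"\xff" * 6 + sha + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper) + sha
    arp += ipaddress.IPv4Address(sender_ip).packed + b"\x00" * 6
    arp += ipaddress.IPv4Address(target_ip).packed
    return eth + arp

# Constructed sample capture using documentation addresses (192.0.2.0/24).
SAMPLE = [
    make_arp("02:00:00:00:00:01", "192.0.2.1", "192.0.2.10"),
    make_arp("02:00:00:00:00:0a", "192.0.2.10", "192.0.2.1"),
    make_arp("02:00:00:00:00:0b", "0.0.0.0", "192.0.2.20", oper=1),  # probe
    make_arp("02:00:00:00:00:0c", "0.0.0.0", "192.0.2.21", oper=1),  # probe
    make_arp("02:00:00:00:00:66", "192.0.2.1", "192.0.2.10"),  # second MAC for .1
]

if __name__ == "__main__":
    for ip, macs in find_ip_conflicts(SAMPLE).items():
        print(f"possible spoofing: {ip} claimed by {', '.join(macs)}")
```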

Network Sessions Logger
Analyzer can monitor the presence of TCP/UDP/ICMP "sessions" over the network, saving a database record for each session detected within a time frame. A summary of the session is then saved into a database for later processing.

Network Data Mining.

Release notes: New Release
* Full IPv6 support
* Support for remote capture through the proper extensions to WinPcap. Please refer to the WinPcap documentation for how to install a remote capture server
* Potential cross platform support, although the current release supports only Win32 (however we do not plan to maintain UNIX ports and we are looking for help)
* LAN node discovery, to see all the hosts that are on your LAN segment
* Network statistics (top speaker and such)
* Network monitor (monitor some specific aspect of the network like "all IP traffic")
* HTML support (all modules are able to export data in HTML format and put them on a web server)
* Event Logging capabilities
* NetPDL-based protocol definition: it has a new protocol decoding engine based on XML