SmartSniff v1.79
Copyright (c) 2004 - 2011 Nir Sofer
Web site: http://www.nirsoft.net
Description
===========
SmartSniff allows you to capture TCP/IP packets that pass through your
network adapter, and view the captured data as sequence of conversations
between clients and servers. You can view the TCP/IP conversations in
Ascii mode (for text-based protocols, like HTTP, SMTP, POP3 and FTP.) or
as hex dump. (for non-text base protocols, like DNS)
SmartSniff provides 3 methods for capturing TCP/IP packets :
1. Raw Sockets (Only for Windows 2000/XP or greater): Allows you to
capture TCP/IP packets on your network without installing a capture
driver. This method has some limitations and problems.
2. WinPcap Capture Driver: Allows you to capture TCP/IP packets on all
Windows operating systems. (Windows 98/ME/NT/2000/XP/2003/Vista) In
order to use it, you have to download and install WinPcap Capture
Driver from this Web site. (WinPcap is a free open-source capture
driver.)
This method is generally the preferred way to capture TCP/IP packets
with SmartSniff, and it works better than the Raw Sockets method.
3. Microsoft Network Monitor Driver (Only for Windows 2000/XP/2003):
Microsoft provides a free capture driver under Windows 2000/XP/2003
that can be used by SmartSniff, but this driver is not installed by
default, and you have to manually install it, by using one of the
following options:
* Option 1: Install it from the CD-ROM of Windows 2000/XP
according to the instructions in Microsoft Web site
* Option 2 (XP Only) : Download and install the Windows XP
Service Pack 2 Support Tools. One of the tools in this package is
netcap.exe. When you run this tool in the first time, the Network
Monitor Driver will automatically be installed on your system.
4. Microsoft Network Monitor Driver 3: Microsoft provides a new
version of Microsoft Network Monitor driver (3.x) that is also
supported under Windows 7/Vista/2008. Starting from version 1.60,
SmartSniff can use this driver to capture the network traffic.
The new version of Microsoft Network Monitor (3.x) is available to
download from Microsoft Web site.
Notice: If WinPcap is installed on your system, and you want to use the
Microsoft Network Monitor Driver method, it's recommended to run
SmartSniff with /NoCapDriver, because the Microsoft Network Monitor
Driver may not work properly when WinPcap is loaded too.
System Requirements
===================
SmartSniff can capture TCP/IP packets on any version of Windows operating
system (Windows 98/ME/NT/2000/XP/2003/2008/Vista) as long as WinPcap
capture driver is installed and works properly with your network adapter.
You can also use SmartSniff with the capture driver of Microsoft Network
Monitor, if it's installed on your system.
Under Windows 2000/XP (or greater), SmartSniff also allows you to capture
TCP/IP packets without installing any capture driver, by using 'Raw
Sockets' method. However, this capture method has some limitations and
problems:
* Outgoing UDP and ICMP packets are not captured.
* On Windows XP SP1 outgoing packets are not captured at all - Thanks
to Microsoft's bug that appeared in SP1 update...
This bug was fixed on SP2 update, but under Vista, Microsoft returned
back the outgoing packets bug of XP/SP1.
* On Windows Vista with SP1, only UDP packets are captured. TCP packets
are not captured at all.
* On Windows 7, it seems that 'Raw Sockets' method works properly
again, at least for now...
Versions History
================
* Version 1.79:
* Fixed bug: 'Restart Capture' option caused SmartSniff to crash in
some circumstances.
* Version 1.78:
* Added 'Restart Capture' option (Ctrl+R), which stops the capture
and then immediately starts it again.
* Version 1.77:
* Increased the size of total filter string (Capture Filter and
Display Filter) that can be saved into the .cfg file.
* Version 1.76:
* When 'Retrieve process information while capturing packets'
option is turned on, the 'Process User' column now displays the user
name of the specified process.
* Version 1.75:
* Added 'Decompress HTTP Responses' option. When it's turned on,
HTTP responses compressed with gzip are automatically detected, and
displayed in decompressed form.
* Version 1.72:
* Fixed bug: The status bar packets counter displayed a little
higher value than the total packets counters in the upper pane table.
* Version 1.71:
* Added 'Hide Lower Pane' option (under the Options menu), which is
useful when you work in statistics only mode, and you don't need the
lower pane.
* Version 1.70:
* Added 'Display only active connections' in Advanced Options
window. When this options is turned on, SmartSniff automatically hide
all streams that their connection was closed. This means that
SmartSniff will only display the streams that their connection is
still opened.
* Version 1.65:
* Added support for .csv files in 'Save Packet Summaries' option.
* Added 'Add Header Line To CSV/Tab-Delimited File' option. When
this option is turned on, the column names are added as the first
line when you export to csv or tab-delimited file.
* Version 1.63:
* Added 'Automatically Scroll Down in Live Mode' option, under the
Options menu
* Version 1.62:
* Added /StartCapture and /LoadConfig command-line options.
* Added x64 version of SmartSniff, to work with Microsoft Network
Monitor Driver 3.x on Windows x64.
* Version 1.60:
* Added support for capturing with Microsoft Network Monitor 3.x
driver. (Very useful for Windows Vista/7 users, because the old
Network Monitor driver is not supported in these OS)
* For Microsoft Network Monitor 3.x driver, there is also 'Wifi
Monitor Mode' button which only works under Windows 7/Vista, and only
for wireless devices that supports 'Monitor Mode'. When you switch
the wireless card to monitor mode, SmartSniff can capture all
unencrypted Wifi/TCP streams in the channel that you chose to monitor.
* Added support for opening the capture file (.cap) of Microsoft
Network Monitor 3.x
* Added support for viewing the content of unencrypted Wifi/TCP
streams. This feature works on WinPCap driver and Microsoft Network
Monitor 3.x
* Added 'Promiscuous Mode' check-box for WinPCap and Microsoft
Network Monitor 3.x driver. In the previous version, SmartSniff
always turned on the 'Promiscuous Mode', but in some wireless
adapters, the capture doesn't work at all if Promiscuous Mode is
turned on.
* Version 1.53:
* Fixed bug: SmartSniff displayed a crash message on msvcrt.dll
when reading TCP packets with invalid data length.
* Version 1.52:
* In 'Export TCP/IP Steams' - Added 2 new file types - 'Raw Data
Files - Local' and 'Raw Data Files - Remote' for exporting only one
side of the stream.
* Version 1.51:
* Added Drag & Drop support - you can now drag .ssp file from
Explorer into the window of SmartSniff.
* Version 1.50:
* Added 'Last Packet Time' column - Displays the date/time of the
last packet received.
* Added 'Data Speed' column - Displays the calculated speed of the
TCP connection in KB per second.
* Version 1.45:
* New option: Display Outgoing/Incoming Data - When this option is
turned on, separated values for outgoing and incoming packets are
displayed for the following columns: 'Packets', 'Data Size', and
'Total Size'. The values are displayed in the following format:
{Outgoing ; Incoming}
* Version 1.40:
* Added local/remote MAC addresses (relevant only for local
network, and it doesn't work with raw sockets)
* Added IPNetInfo integration - When you put IPNet
niuniu215
- 粉丝: 14
- 资源: 2
最新资源
- 云平台VPC.vsdx
- PIPE物理层接口规范:PCIe SATA USB3.1 DisplayPort 和 Converged IO 架构
- SparkSQL进阶操作相关数据
- java制作的小游戏,作为巩固java知识之用.zip
- Java语言写的围棋小游戏 半成品A Go game written in golang(Semi-finished).zip
- 基于Java-swing的俄罗斯方块游戏:源码+答辩文档+PPT.zip
- florr map详细版
- shiahdifhiahfiqefiwhfi weifwijfiwqufiqweefijeq0jfe
- registry-2.8.3<arm/amd>二进制文件
- Kotlin接口与抽象类详解及其应用
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈