Thoughts On Wireshark or Alternatives?


DasFox
May 10th, 2011, 10:06 PM
I've been looking over Wireshark; it seems like a nice application, but I'm not a networking guru that needs all the ins and outs of every little detail either, so it personally seems a bit overkill for the average end-user wanting to check out their LAN.

Does anyone know any nice, simpler apps? Personally I just want to see the traffic, is all, and to be able to distinguish it; it's kind of nice how you can look at the different protocols in Wireshark...


THANKS

brainrb1
May 10th, 2011, 10:41 PM
I use CurrPorts and TCPView. Microsoft Network Monitor is another alternative.

CloneRanger
May 10th, 2011, 11:01 PM
CurrPorts and TCPView here too :thumb:

Take a look at these as well ;)

LayerView - http://www.layerview.net

-{ Quote: "LayerView: Free License. We want to help you.

LayerView is completely FREE for the next 30 days!

http://www.layerview.net/freelicense.php" }-

Colasoft Network Analyzer - https://www.wilderssecurity.com/forumdisplay.php?f=92

CurrPorts - http://www.nirsoft.net

m00nbl00d
May 10th, 2011, 11:09 PM
I've never been lucky enough to find a decent one that provides detailed packet info and supports USB 3G devices.

Are you familiar with any ??? :doubt:

DasFox
May 10th, 2011, 11:17 PM
Ok, got more than I hoped for, LOL...

Now to weed through the confusion: which would be the simplest and best of the bunch for protocol analysis on ethernet and wifi?

Isn't Wireshark more than CurrPorts and TCPView, showing what's going on with the protocols, like DNS and HTTP as an example, when you are online?

By the way Capsa is just for ethernet no wifi :(

http://www.colasoft.com/capsa/capsa-free-edition.php

CloneRanger
May 10th, 2011, 11:18 PM
-{ Quote: "Originally posted by m00nbl00d

I've never been lucky enough to find a decent one that provides detailed packet info and supports USB 3G devices.

Are you familiar with any" }-

Well, I use either or both CurrPorts and TCPView with my USB 3G device :thumb: With or without my FW, as shown in my FW thread ;)

m00nbl00d
May 10th, 2011, 11:26 PM
-{ Quote: "Well, I use either or both CurrPorts and TCPView with my USB 3G device :thumb: With or without my FW, as shown in my FW thread ;)" }-

Yes, I use them both as well. I actually tend to use TCPView more often... But, in the recent events, regarding a relative's infected system, I used CurrPorts which provided a more detailed view of certain connections.

But, it would be great to have something like Wireshark... I wonder if there's a difficulty in providing such support? I guess there is, to an extent... or they just don't feel it's worth it, anyway... as most networks wouldn't be behind such a type of connection.

DasFox
May 11th, 2011, 01:09 AM
-{ Quote: "Well, I use either or both CurrPorts and TCPView with my USB 3G device :thumb: With or without my FW, as shown in my FW thread ;)" }-

FW thread?


-{ Quote: "Yes, I use them both as well. I actually tend to use TCPView more often... But, in the recent events, regarding a relative's infected system, I used CurrPorts which provided a more detailed view of certain connections.

But, it would be great to have something like Wireshark... I wonder if there's a difficulty in providing such support? I guess there is, to an extent... or they just don't feel it's worth it, anyway... as most networks wouldn't be behind such a type of connection." }-


Providing what support?

So Currport and TCPView pretty much do what Wireshark does?


THANKS

m00nbl00d
May 11th, 2011, 08:55 AM
-{ Quote: "FW thread?

Providing what support?

So Currport and TCPView pretty much do what Wireshark does?

THANKS" }-

CloneRanger is talking about the thread here at Other Firewalls: http://www.wilderssecurity.com/showthread.php?&t=298698

CurrPorts and TCPView are not as powerful as Wireshark or similar tools, hence I'd like to see those kinds of tools (like Wireshark) to monitor network traffic behind a 3G USB connection.
Unfortunately, I couldn't find anything so far.

DasFox
May 11th, 2011, 07:11 PM
-{ Quote: "I've never been lucky enough to find a decent one that provides detailed packet info and supports USB 3G devices.

Are you familiar with any ??? :doubt:" }-


Well, for starters, why are you bothering with using a mobile cellphone carrier connection? I'm assuming this is on a laptop?

I don't see what's so special about 3G that you are saying you can't use just about any program out there...

Wireshark isn't working?

Also if you are really concerned about your security and safety on a computer you shouldn't always be running wireless unless you are on the road...

sded
May 11th, 2011, 07:47 PM
I certainly don't see CurrPorts and TCPView as substitutes for Wireshark (maybe for each other?). They are valuable in providing a moving snapshot of your network connections as seen by your computer. But Wireshark is a dynamic protocol analyzer observing the actual packet traffic between your computer and the network (AKA packet sniffer, formerly known as Ethereal to the Linux crowd :) ). See the first attachment for a look at a simple Wireshark case showing an application retrieving Windows time. The second attachment is the more complex case of setting up a wireless network using DHCP. I have also used Wireshark to do things like analyze potential problems in SSL/TLS handshaking for mail servers. Besides the timeline, you can select each line and get additional information on what is actually happening. And there is pretty good documentation and tutorial information on their website. CurrPorts (and TCPView) outputs are quite different in both form and purpose (see fig 3 for a CurrPorts segment).
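
As an added illustration of the distinction sded draws (this is not code from any poster or from Wireshark itself), here is a minimal Python pcap parser that labels each captured packet by protocol: the per-packet view a sniffer gives, as opposed to the connection-table snapshot of CurrPorts/TCPView. The port-to-protocol mapping and the sample capture (NTP time request, DNS query, DHCP discover) are constructed for this example.

```python
import struct

# Label packets by well-known UDP port (assumed mapping for this illustration).
PORT_NAMES = {53: "DNS", 67: "DHCP", 68: "DHCP", 123: "NTP"}

def udp_frame(src_ip, dst_ip, sport, dport, payload):
    """Build an Ethernet/IPv4/UDP frame; checksums are left zero (enough to parse)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(map(int, src_ip.split("."))),
                     bytes(map(int, dst_ip.split("."))))
    return b"\xaa" * 6 + b"\xbb" * 6 + b"\x08\x00" + ip + udp

def build_pcap(frames):
    """Wrap frames in a little-endian libpcap file (constructed sample data)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1305000000 + i, 0, len(frame), len(frame)) + frame
    return out

def summarize_pcap(data):
    """Return (src, dst, label) per frame: the packet-level view a sniffer gives."""
    if struct.unpack_from("<I", data, 0)[0] != 0xA1B2C3D4:
        raise ValueError("only little-endian pcap is handled here")
    rows, off = [], 24
    while off + 16 <= len(data):
        incl_len = struct.unpack_from("<IIII", data, off)[2]
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if frame[12:14] != b"\x08\x00":          # EtherType is not IPv4
            rows.append(("?", "?", "non-IPv4"))
            continue
        ihl = (frame[14] & 0x0F) * 4
        src = ".".join(map(str, frame[26:30]))
        dst = ".".join(map(str, frame[30:34]))
        if frame[23] != 17:                      # IP protocol field, 17 = UDP
            rows.append((src, dst, "IP proto %d" % frame[23]))
            continue
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        label = PORT_NAMES.get(dport) or PORT_NAMES.get(sport) or "UDP/%d" % dport
        rows.append((src, dst, label))
    return rows

# Constructed capture: NTP time request, DNS query and DHCP discover.
SAMPLE_PCAP = build_pcap([
    udp_frame("192.168.1.10", "192.168.1.1", 123, 123, b"\x1b" + b"\x00" * 47),
    udp_frame("192.168.1.10", "192.168.1.1", 51000, 53, b"\x12\x34\x01\x00" + b"\x00" * 8),
    udp_frame("0.0.0.0", "255.255.255.255", 68, 67, b"\x01\x01\x06\x00" + b"\x00" * 236),
])
```

Calling `summarize_pcap(SAMPLE_PCAP)` yields one labelled row per packet; the same bytes written to a file open in Wireshark as three UDP frames.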

brainrb1
May 11th, 2011, 10:02 PM
-{ Quote: "I certainly don't see Currports and TCPView as substitutes for Wireshark-maybe for each other? They are valuable in providing a moving snapshot of your network configuration as seen by your computer. " }-

Yes, but he is not looking for a substitute for Wireshark.

-{ Quote: "DasFox
Does anyone know any nice, simpler apps? Personally I just want to see the traffic is all and to be able to distinguish it" }-

whitedragon551
May 11th, 2011, 10:43 PM
Wireshark or Layerview are what I use.

CloneRanger
May 12th, 2011, 09:50 AM
@ m00nbl00d

Hi, you & others "might" be interested in this.

-{ Quote: "CommView for WiFi

Overview

CommView for WiFi is a powerful wireless network monitor and analyzer for 802.11 a/b/g/n networks. Loaded with many user-friendly features, CommView for WiFi combines performance and flexibility with an ease of use unmatched in the industry.
http://www.tamos.com/products/commwifi" }-

-{ Quote: "Download

Also these - https://www.wilderssecurity.com/showthread.php?t=270857

You can download evaluation versions of our products and try them for 30 days.

http://www.tamos.com/download/main" }-

So you can try it & see for free :) Other network etc tools on there as well. Let us know what you think :thumb:

@ DasFox et al

Have a look here - https://www.wilderssecurity.com/showthread.php?t=270857

Spiral123
May 12th, 2011, 01:15 PM
NetworkMiner is another good one.

http://www.netresec.com/?page=NetworkMiner

m00nbl00d
May 12th, 2011, 01:30 PM
-{ Quote: "Well, for starters, why are you bothering with using a mobile cellphone carrier connection? I'm assuming this is on a laptop?

I don't see what's so special about 3G that you are saying you can't use just about any program out there...

Wireshark isn't working?

Also if you are really concerned about your security and safety on a computer you shouldn't always be running wireless unless you are on the road..." }-

I have no concerns with my system security. I just like these types of tools, especially to monitor connections performed by malware.

Searching_ _ _
May 12th, 2011, 02:04 PM
This may provide a better view than Wireshark.

http://www.wilderssecurity.com/showpost.php?p=1732012&postcount=13

Netwitness Investigator (http://netwitness.com/products-services/investigator-freeware)

Overview video
http://www.youtube.com/watch?v=QDxTPYn2O2g

Searching_ _ _
May 15th, 2011, 01:57 PM
On the Netwitness Blog they show how Investigator can be used in various situations to reveal malicious activity without signatures.
Part 1: Gzip Web Content Java Malware and a little Javascript (http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/)

brainrb1
May 21st, 2011, 01:26 AM
Have you guys used Angry IP Scanner (it is an open-source and cross-platform network scanner)? How does it compare to CurrPorts and TCPView?

http://www.angryip.org/w/About

Nick Rhodes
May 21st, 2011, 06:01 AM
For General use Wireshark is nice.
For web specific I use Fiddler - http://www.fiddler2.com/fiddler2/

Cheers, Nick

CloneRanger
May 21st, 2011, 11:43 AM
@ brainrb1

RE - Angry IP scanner

Thanks for the tip :thumb: Looked at it, but as it pings out all the time you use it :o it's a no-no from me, I'm afraid :(

@ Nick Rhodes

Re Fiddler

I'd forgotten about it, so :thumb: It requires Microsoft .NET Framework though :P , so I won't be using it.

As you use it, I wonder if you'd be kind enough to comment on my Fiddler extension thoughts etc. in here https://www.wilderssecurity.com/showthread.php?p=1875837#post1875837 Re delay ?

TIA

m00nbl00d
May 22nd, 2011, 11:02 PM
I've found this one: WinSniff. -http://www.securityxploded.com/winsniff.php

I still haven't tried it, though. It's 4 A.M. I'll see if I can give it a spin later on. From the screenshot, it doesn't seem as informative as Wireshark, still... it appears to have decent functionality.

Just wanted to let you know... in case you already didn't. :P

-edit-

Apparently it's a demo version?

-{ Quote: "Note: This is a demo application written to help newcomers." }-