Free version of NetWitness Investigator released - try it if you use Wireshark

See http://www.netwitness.com/products/investigator.aspx

Credit to http://isc.sans.org/diary.html?storyid=5351 for bringing it to my attention.

 

what is this?antimalware?

 

jmonge it's a sniffer for network traffic.

Thanks MrBrian. Looks a good tool.

edit : Had some time and discovered that this is quite a nice sniffer.

 

It's for analyzing network data.

 

Basically it is a network monitoring tool.

 

Thanks MrBrain, I tried it. Maybe its good for home or single PC use, I tried to check on the network for the the ARP flood and BAM !! my system became slow as hell !!

I think WireShark/Ethereal is still best for high volume traffic. Thats my observation.

 

You're welcome

By the way, the listed minimum specs for processor: "Single 2Ghz Intel-based processor (Dual-core recommended)"

 

My laptop is a Core2 Duo 2.2Ghz with 2GB RAM, still seems be the lower end of the specs spectrum for NetWitness.

Should have looked the minimum specs up, before babbling
But with such high specs, I wonder where they are aiming with product ??

 

ah i see thanks for repliying

 

thanks