looking for good sniffer

oSpy is even better for me than Microsoft Network Monitor
here i can run program from oSpy and view all trafiic made by loaded program

in Network Monitor some packets are shown as 'Undefinied' what is not in oSpy

[romeo]

@mafcin
no problem, it truely is some beast program, i use all time when needed.

I would like to make you aware of another program.
"Fiddler" - web debugging program..

Code:

http://www.fiddler2.com/fiddler2/

Filddler 2 is released. Now you can have extensions (3rd party aswell ) so its so much better to what you want.. even you can make your own simple extension for what you aim.

Code:

Download: 
http://www.megaupload.com/?d=D0MQJ9B7

or

Fiddler is nice tool, but it shows only HTTP traffic... it's simmilar to HTTP Analyzer (that i use very often), maybe better than Analyzer... i'll check it First impressions are very positive

[romeo]

yes ^__^

You/anyone know any other like fiddler (web browser but all port is fine) ?
I remember an install only program , I think called jaihotsniff - but I cannot find it anywhere on the net...was open source

[kunam]

i usually using socket sniff, free n small

[piccolo]

Why a megaupload link if it is at google code??
http://code.google.com/p/ospy/downloads/detail?name=oSpy-1.10.4.zip&can=2&q=

[romeo]

ok good for you and googlecodes.

[romeo]

Quote:

Originally Posted by kunam

i usually using socket sniff, free n small

x64 (64bit) support?

[LaDidi]

You may use "TracePlus"...

The problem with current sniffer products is that too much irrelevant traffic are captured. We often want to filter traffic by PID.

The problem with PID is that some nasty program (e.g. Chrome and IE) spawn child process all the time so the PID always changes dynamically.

commview may fit with you.
Advantages:
1.It can capture specific process,like qq and thunder.
2.auto save packets, save as pcap format, which can be read by wiershark and other opensoure tools based on libpcap lib.
Disadvantages:
1.commercial software
2.the cracked version i tried was unreliable,it will exit when come across with heavy traffic.

Wireshark can capture special port and ip ,but process like qq may have lots of ports,it can't capture all traffic.may be someone can solve this by customed filter :-)

NetworkMonitor which produced by windows, it's output format is private, you cannot anaylase it later. Am i wrong?


P.S Wireshark and Commview can capture packets from MAC/IP/TCP_UDP/APP packets.
If no sniffer can fit you requirment, you can write a program based on winpcap or libpcap to do it.

I hope it helps you

[c4p0ne]

Omnipeek v9.1 recently released. Fantastic.

[Debugger]

Quote:

Originally Posted by c4p0ne

Omnipeek v9.1 recently released. Fantastic.

Its Quite unusual to post on such old thread. Better to create Thread in Reverse Software section if you want to let everyone know if its underrated or really useful tool.

Regards,
DB

[cp74]

Hi,

If the purpose is monitoring, Netflow is also used to collect statistics instead of packet decoding. As a sniffer, when i consider flow graphing, Wireshark is already fine, but i don't know the others for such.

Cheers,
cp74

[fqjp]

smartsniff ...simple and easy.:-)

SmartSniff is a network monitoring utility that allows you to capture TCP/IP packets that pass through your network adapter, and view the captured data as sequence of conversations between clients and servers. You can view the TCP/IP conversations in Ascii mode (for text-based protocols, like HTTP, SMTP, POP3 and FTP.) or as hex dump. (for non-text base protocols, like DNS)

http://www.nirsoft.net/utils/smsniff.html