EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > x64 OS

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 09-22-2009, 22:26
wps8848
 
Posts: n/a
Network Monitor by M$

I found this tool today. Maybe it's useless to others.

It's useful for me. I'm runing WIN7 X64. this can sniffer the network.

http://www.microsoft.com/downloads/d...6-3088333d062f
Reply With Quote
  #2  
Old 10-31-2009, 17:53
Silkut Silkut is offline
Friend
 
Join Date: Jun 2006
Posts: 23
Rept. Given: 12
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
Silkut Reputation: 2
Hello,
This tool exist as an additional Windows component on 2k and 2k3 server. =)
Reply With Quote
The Following User Gave Reputation+1 to Silkut For This Useful Post:
zemo (11-02-2009)
  #3  
Old 11-22-2011, 08:54
zcq
 
Posts: n/a
thanks to share , I'm runing windows server 2008 R2 datacenter. It's useful .
Reply With Quote
  #4  
Old 11-22-2011, 12:29
DCA's Avatar
DCA DCA is offline
VIP
 
Join Date: Aug 2005
Posts: 125
Rept. Given: 32
Rept. Rcvd 26 Times in 11 Posts
Thanks Given: 10
Thanks Rcvd at 7 Times in 4 Posts
DCA Reputation: 26
Does anyone know if a network monitor exsists which can be linked to an application and only monitors that and nothing more?

All network monitors i've seen so far can only monitor the complete network card and not filter on application basis (just single threads)
Reply With Quote
  #5  
Old 11-27-2011, 01:44
Kerlingen Kerlingen is offline
VIP
 
Join Date: Feb 2011
Posts: 246
Rept. Given: 0
Rept. Rcvd 253 Times in 90 Posts
Thanks Given: 0
Thanks Rcvd at 61 Times in 29 Posts
Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299
All the packet capture drivers will see the packets the way they are transmited over the network, which doesn't include any information about the application, so they can't apply any filter on application level.

Hooking the application's network APIs will monitor all packets which are send directly by that application, but will miss any indirect communication.

Additionally all firewall leak tests show that it's impossible to know which data is send by what application.

The best way to log data from a single application is probably to make sure no other application using the network is running at the same time. It sounds stupid, but is the most reliable way. VMware might be a good idea for something like that.

Last edited by Kerlingen; 11-27-2011 at 01:57.
Reply With Quote
  #6  
Old 11-28-2011, 03:40
Soda
 
Posts: n/a
Quote:
Originally Posted by DCA View Post
Does anyone know if a network monitor exsists which can be linked to an application and only monitors that and nothing more?

All network monitors i've seen so far can only monitor the complete network card and not filter on application basis (just single threads)
Here u r


Code:
http://www.nirsoft.net/utils/socket_sniffer.html
( Are you DCA at fine topix ? )
Reply With Quote
  #7  
Old 12-03-2011, 22:25
DCA's Avatar
DCA DCA is offline
VIP
 
Join Date: Aug 2005
Posts: 125
Rept. Given: 32
Rept. Rcvd 26 Times in 11 Posts
Thanks Given: 10
Thanks Rcvd at 7 Times in 4 Posts
DCA Reputation: 26
@soda
Thanks and yes.
Reply With Quote
  #8  
Old 08-17-2014, 17:05
wine
 
Posts: n/a
wireshark

wireshark tool
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Delphi App network activity bgrimm General Discussion 6 06-29-2005 08:45


All times are GMT +8. The time now is 12:53.


ICP05004977
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX