|
|
Network Spy
-
Version
2.0
Network Spy is a general purpose diagnostic tool for
administrators,
programmers and students of network technologies. It
can operate in
different modes depending on the application. Some
of the more typical
applications of this tool include:
- Packet capture and decode
- Network Statistics gathering
- Software debugging
- Intrusion Detection and activity monitoring
Packet Capture and Decode
In this mode, Network Spy can be used to get a
snapshot of data from an
ethernet network. It is capable of decoding the most
widely used IP
protocols such as UCP, TCP and ICMP. It also allows
you to save this data
for later analysis. The decoded packets are
displayed in human readable
form.
Network Statistics gathering
In this mode, the amount of data attributed to a
certain activity can be
captured. For instance, if you want to monitor how
much data is
transferred between user x and excite.com, you can
specify a rule to keep
a track of amount of this data. Another example is
keeping track of how
much FTP data flows on your network.
Software Debugging
People programming network software and web
applications will find this
tool extremely useful. It can be used to debug
application to find errors
in code, compute bandwidth utilization and find
bottlenecks.
Intrusion Detection and Activity
Monitoring
Using the new rules-based filtering mechanism, one
can capture packets of
interest, avoiding a huge capture of all packets on
the network. A rule
specifies a pattern to match. For instance, one
could specify to capture
all ICMP packets where TTL=1. This would be true
when someone is
performing a traceroute.
Network Spy also includes various other tools such as
DNS Lookup, Ping, TraceRoute and Whois to aid in
everyday tasks.
|