
As a network engineer, is Wireshark the only tool you know?

Author: Linux O&M base

Wireshark is a very popular NIC packet capture software with powerful packet capture functions. It can intercept all kinds of network packets and display the packet details.

This means it can show what is happening to traffic across the network. It runs on a wide range of systems, and the main reason it is so popular with network engineers is that it is free.

Wireshark is indeed a classic, but it is not the most comprehensive tool. So, if you are a little dissatisfied with Wireshark, here are five similar tools that I recommend you bookmark.

01、Savvius Omnipeek

Omnipeek from Savvius is paid software, but there is a lot to recommend about it.

It has a 30-day free trial that lets you try out the feel and features.

Like Wireshark, Omnipeek doesn't actually collect packets, but Omnipeek's analytics capabilities are better than Wireshark's.

Omnipeek can scan packets for problems or detect changes in transmission speed. These events can be set to trigger alerts.

Omnipeek combines a network management system with a packet capture tool.

Its traffic analysis module reports on the end-to-end performance of the connection as well as the link performance, and it also reports on the interface of the web server on demand.


However, Omnipeek does not work on Linux, Unix, or Mac OS. To run it, you need 64-bit Windows 7, 8, or 10, or Windows Server 2008 R2, 2012, 2012 R2, or 2016.

02、 Ettercap

Ettercap is free to use and focuses on system defense features. Ettercap matches the portability of Wireshark, as it runs on Windows, Linux, Unix, and Mac OS.

Ettercap is better known as a hacking utility, but it is still a tool that network engineers can use.


Ettercap uses the libpcap library to capture packets. The Ettercap software itself can carry out a number of network attacks, including ARP poisoning and MAC address spoofing.

Ettercap has more features than Wireshark, such as the ability to capture SSL certificates, change the contents of packets in transit, drop connections, and capture passwords.

As another example, it can identify malicious users and isolate them from the network, and if you want to gather evidence, you can track the behavior of suspicious users and record their behavior. So in a way, Ettercap is more powerful than Wireshark.

03 、Kismet

Kismet can't intercept packets on wired networks, but it's great for wireless packet sniffing, and the software is available for Linux, Unix, and Mac OS.


Kismet's data collectors are different from other tools, so intrusion detection systems cannot discover Kismet's collection activities.

That is, a standard network monitoring system, while it will detect the presence of a device running Kismet, will not see that the program is collecting packets on the network.

Kismet's default mode only collects packet headers, but it can also be used to get a traffic dump that captures all packets, including the data payload. It can analyze, sort, filter, and save packets to a file.

04 、SmartSniff

SmartSniff is available for Windows and is free to use for wired networks. SmartSniff's collector can run on wireless networks, but only on Wi-Fi networks that include the computer hosting the sniffer program.


However, this native system is not very efficient, and it is more common to install WinPcap to collect packets.

Packets are captured on demand: capture can be turned on and off in the console.

The top pane of the console shows the connections between the computers. When you click on one of the records, the traffic for that connection will be displayed in the bottom panel.

Plain text traffic is displayed as-is, and encrypted packets can be displayed as hexadecimal data dumps. The data can be filtered to show only TCP, UDP, or ICMP packets, and each packet can be tagged according to the application associated with it.

SmartSniff can save packets to a pcap file so that they can be reloaded into the interface later, or analyzed using other tools.

05 、EtherApe

EtherApe is also free and runs on Linux, Unix, and Mac OS. It mainly creates a network map by collecting messages from devices; the hosts on the network are plotted on the map and labeled with their IP addresses.

EtherApe then captures all packets transmitted between these hosts and displays them on a map in real time. Each transfer is indicated by a color, representing its protocol or application.


The tool can track wired and wireless networks, as well as depict virtual machines and their underlying infrastructure. The map tracks TCP and UDP traffic and detects IPv4 and IPv6 addresses.

EtherApe can switch views to see the links on the end-to-end connection and the traffic displayed on them, and can also filter all maps to show only specific applications or traffic from specific sources.

EtherApe only captures the headers of packets, which protects the privacy of the data propagated in the network.
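
What header-only capture (Kismet's default mode, EtherApe) means for a pcap file such as the one SmartSniff saves, shown as an added example that is not from the original article or from any of these tools: it rewrites a classic little-endian Ethernet pcap so that only the Ethernet, IPv4 and TCP/UDP/ICMP headers remain, and counts packets per protocol. The function names and the two-packet sample capture are constructed for illustration.

```python
import struct

GLOBAL = struct.Struct("<IHHiIII")  # classic little-endian pcap file header
RECORD = struct.Struct("<IIII")     # ts_sec, ts_usec, incl_len, orig_len
PROTO = {1: "ICMP", 6: "TCP", 17: "UDP"}

def header_len(frame):
    """Return (bytes of Ethernet+IPv4+transport header, protocol name)."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return min(len(frame), 14), "other"    # non-IPv4: keep Ethernet header only
    l4, proto = 14 + (frame[14] & 0x0F) * 4, frame[23]  # IHL gives IPv4 header size
    size = l4
    if proto == 6 and len(frame) >= l4 + 13:
        size = l4 + (frame[l4 + 12] >> 4) * 4  # TCP data offset field
    elif proto in (1, 17):
        size = l4 + 8                          # fixed 8-byte UDP / ICMP header
    return min(size, len(frame)), PROTO.get(proto, "other")

def strip_payloads(pcap):
    """Return (headers-only pcap bytes, packet count per protocol)."""
    magic, *_, linktype = GLOBAL.unpack_from(pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian Ethernet pcap")
    out, counts, pos = bytearray(pcap[:GLOBAL.size]), {}, GLOBAL.size
    while pos + RECORD.size <= len(pcap):
        sec, usec, incl, orig = RECORD.unpack_from(pcap, pos)
        frame = pcap[pos + RECORD.size: pos + RECORD.size + incl]
        if len(frame) < incl:
            raise ValueError("truncated record")
        keep, name = header_len(frame)
        counts[name] = counts.get(name, 0) + 1
        out += RECORD.pack(sec, usec, keep, orig) + frame[:keep]  # orig_len preserved
        pos += RECORD.size + incl
    return bytes(out), counts

def _frame(proto, l4, payload):  # constructed frame using documentation addresses
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                     64, proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + l4 + payload

def sample_pcap():  # constructed capture: one TCP segment and one UDP datagram
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 0x18, 1024, 0, 0)
    udp = struct.pack("!HHHH", 40001, 53, 8 + 11, 0)
    frames = [_frame(6, tcp, b"password=example"), _frame(17, udp, b"secret-data")]
    body = b"".join(RECORD.pack(0, i, len(f), len(f)) + f for i, f in enumerate(frames))
    return GLOBAL.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + body

if __name__ == "__main__":
    print(strip_payloads(sample_pcap())[1])
```

The stripped file still opens in any pcap reader, and each record's `orig_len` shows how much payload was on the wire even though the payload bytes are gone.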
