If you’ve ever had the… pleasure… of debugging a application using an SSL/TLS connection with Wireshark (or any other packet analyzer for that matter), you’re
SniPCAP is improved and now streaming!
As it was mentioned in the first article, SniPCAP had a lot of room to improve on. The following lists the basic functionalities of SniPCAP:
- audit information
- monitor bandwidth usage
- diagnose problems or bottlenecks in the network
- discover devices on the network
- detect network intrusion through packet analysis
- convert network traffic into a user readable format
- log traffic
The previous version of SniPCAP was only a minimum product that temporarily captured a small amount of data; increased scalability and better usability was a necessity (more details on the first part of this project could be found here). This article shows the development of a more scalable product on the NetBurner Module.
Use of a packet sniffer in government agencies has always been a controversial topic. You might ask, “what is packet sniffing and what can it do?” A packet sniffer is a software or hardware tool that can intercept and log traffic on an Ethernet network.