Network Capture and Analysis Tools and Other Pointers

AirPcap: The AirPcap family is an open, affordable and easy-to-deploy packet capture solution for Windows.
CACE Pilot: CACE Pilot is a visually rich analyzer for wired and wireless networks that builds on Wireshark, adding capabilities not found in Wireshark itself.
Cisco ASA packet capture: Packet captures can be taken directly on the Cisco ASA firewall. When troubleshooting a difficult problem or chasing some interesting traffic, you do not have to configure and deploy a separate sniffer; the ASA can capture the packets itself, and it makes this an easy process.
Cisco ASA Botnet Traffic Detector: Lori Hyde discusses the Botnet Traffic Detector feature in the latest version of the Cisco ASA firewall, explains how it is supposed to work, and wonders how it will fare in the real world.
Maltego: Maltego is an open source intelligence and forensics application. It mines and gathers information and presents it in a meaningful way, as a graph of linked entities.
NarusInsight: NarusInsight is a scalable traffic intelligence system for capturing, analyzing and correlating IP traffic in real time.
Net Optics: Net Optics offers a suite of passive monitoring access products: network taps, regeneration taps and data monitoring switches for fiber and copper links, plus custom security solutions. A passive tap gives complete, permanent visibility into a link without interfering with the data stream or introducing a point of failure.
NFDUMP: The nfdump tools collect (nfcapd) and process (nfdump) NetFlow data on the command line.
NfSen: NfSen is a graphical, web-based front end for the nfdump NetFlow tools.
OmniPeek: Using OmniPeek's local capture, centralized console, distributed engines and expert analysis, engineers can rapidly troubleshoot faults, restore essential services and maximize network uptime.
tcpxtract: tcpxtract is a tool for extracting files from network traffic based on file signatures. Extracting files by matching file-type headers and footers (sometimes called "carving") is an age-old data recovery technique; tools like Foremost use it to recover files from arbitrary data streams. tcpxtract applies the same technique to files transmitted across a network.
The Dude: The Dude network monitor is an application by MikroTik that can dramatically improve the way you manage your network environment. It automatically scans all devices within specified subnets, draws and lays out a map of your networks, monitors services on your devices and alerts you when a service has problems.
Wireshark: Wireshark is the world's foremost network protocol analyzer, and the de facto (and often de jure) standard across many industries and educational institutions.
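The header/footer carving that the tcpxtract entry describes, as an added example written for this page (it is not tcpxtract's or Foremost's own code). The signature table, the carve() routine, the PNG sanity check and the sample "reassembled TCP stream" below are all constructed for the illustration; real carvers ship far longer signature lists and work on pcap input.

```python
"""Signature-based ("carving") file extraction from a reassembled TCP stream.

Added example illustrating the header/footer technique tcpxtract uses; it is
not tcpxtract's own code. SIGNATURES, carve(), png_chunks_valid() and the
SAMPLE_* data are constructed for this illustration.
"""
import struct
import zlib
from typing import List, NamedTuple

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"

# (header, footer, maximum carve length) per file type, in the spirit of a
# tcpxtract.conf entry. Only two types are listed here; tcpxtract ships many.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9", 2 * 1024 * 1024),
    "png": (PNG_MAGIC, b"IEND\xae\x42\x60\x82", 2 * 1024 * 1024),
}


class Carved(NamedTuple):
    ext: str
    offset: int
    data: bytes
    complete: bool  # False when no footer was found within the max length


def carve(stream: bytes, signatures=SIGNATURES) -> List[Carved]:
    """Return every header..footer span found in *stream*, ordered by offset.

    If a header is seen but no footer follows within max_len, the window up
    to max_len (or the end of the stream) is returned with complete=False;
    that is how carvers cope with truncated or mid-stream captures.
    """
    found = []
    for ext, (header, footer, max_len) in signatures.items():
        pos = 0
        while (h := stream.find(header, pos)) != -1:
            window_end = min(len(stream), h + max_len)
            f = stream.find(footer, h + len(header), window_end)
            if f != -1:
                end, complete = f + len(footer), True
                pos = end                       # skip over the carved file
            else:
                end, complete = window_end, False
                pos = h + len(header)           # keep looking for a real header
            found.append(Carved(ext, h, stream[h:end], complete))
    return sorted(found, key=lambda c: c.offset)


def png_chunks_valid(blob: bytes) -> bool:
    """Walk the PNG chunk list and check every CRC: a carve that merely starts
    with the PNG magic (a false positive) fails this check."""
    if not blob.startswith(PNG_MAGIC):
        return False
    pos = len(PNG_MAGIC)
    while pos + 12 <= len(blob):
        (length,) = struct.unpack(">I", blob[pos:pos + 4])
        ctype = blob[pos + 4:pos + 8]
        data = blob[pos + 8:pos + 8 + length]
        if len(data) != length:
            return False
        (crc,) = struct.unpack(">I", blob[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(ctype + data) & 0xFFFFFFFF != crc:
            return False
        if ctype == b"IEND":
            return True
        pos += 12 + length
    return False


# --- constructed sample data -------------------------------------------------
def _png_chunk(ctype: bytes, data: bytes) -> bytes:
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def make_png(width: int = 1, height: int = 1) -> bytes:
    """Minimal valid 8-bit RGB PNG, used as sample input (constructed)."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    raw = b"".join(b"\x00" + b"\xff\x00\x00" * width for _ in range(height))
    return (PNG_MAGIC + _png_chunk(b"IHDR", ihdr)
            + _png_chunk(b"IDAT", zlib.compress(raw)) + _png_chunk(b"IEND", b""))


SAMPLE_PNG = make_png()
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 64 + b"\xff\xd9"
# Stand-in for a reassembled TCP payload: two HTTP responses carrying images,
# followed by bytes that happen to start with a JPEG magic but are not a JPEG.
SAMPLE_STREAM = (
    b"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\n\r\n" + SAMPLE_PNG
    + b"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\n\r\n" + SAMPLE_JPEG
    + b"\xff\xd8\xff" + b"three magic bytes alone are not a JPEG"
)

if __name__ == "__main__":
    for c in carve(SAMPLE_STREAM):
        status = "complete" if c.complete else "no footer (truncated)"
        print(f"{c.ext} at offset {c.offset}: {len(c.data)} bytes, {status}")
```

Two caveats a practitioner should keep in mind: footer matching is heuristic (a JPEG with an embedded EXIF thumbnail contains an inner FFD9 and will be cut short), so carved output should be validated structurally, as png_chunks_valid does for PNG; and carving only works on correctly reassembled streams, so retransmitted or out-of-order segments must be put back in order before the bytes are searched.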

Other Pointers