Netcap
Páginas: 5 (1204 palabras)
Publicado: 13 de julio de 2012
IJCSt Vol. 2, ISSue 3, September 2011
ISSN : 2229-4333(Print) | ISSN : 0976-8491(Online)
NetCap: A Packet Sniffer in Java
1
1,2
Rajan Parmar, 2Hetal Patel
Nirma University, Ahmedabad, India
Abstract
A packet sniffer is a wiretap device that plugs into computer
networks; unlike telephone circuits, computer networks are
shared communication channels. Sharing means that computerscan receive information that was intended for other machines
(HUB). NetCap is a type of packet sniffer software that captures
the network data as well as provides sufficient means for decision
making process of administrator. This paper illustrates NetCap
and its benefits over existing packet sniffers. NetCap is developed
in Java totally as well as it consumes very less memory on the
harddisk. It encompasses many functionalities like 3D pie chart
statistics, possible malicious IP address detection, TCP flow
graph, various coloring rules and filters that may be applied to the
captured tabulated network data. It can be used for offline capture
also for reading “pcap” file format. NetCap is developed in Java
so it inherently contains the platform independence, but somefunctionalities may be applied in Windows only. The software
contains a rich and easy to use Graphical User Interface (GUI)
as well as a help file to guide the novice user and help the expert
user to exploit its functionalities fully
Keywords
Packet Sniffer, IP address, Java, Libpcap, Jpcap, Winpcap
I. Introduction
A packet sniffer is a wiretap device that plugs into computer
networks; unliketelephone circuits, computer networks are
shared communication channels. Sharing means that computers
can receive information that was intended for other machines
(HUB) [1]. There are many packet sniffer softwares available in
the market. The most popular among them is TcpDump [2] and
Wireshark [3]. Though they are very good softwares for packet
sniffing, there are some limitations associatedwith these softwares.
II. Limitations of Existing Packet Sniffer Softwares
TcpDump is very economical in terms of memory because its
installation file size is just 484 KB. TcpDump does not have a user
friendly Graphical User Interface (GUI). So the user has to study
those commands and get acquainted with the command prompt
like screen. That limitation may play a key role in not choosing itfor use. On the other hand Wireshark has a very good user friendly
GUI. But its installation file size is 18 MB and after installation it
will consume 81 MB in Windows and a hefty 449 MB in Linux.
So in terms of memory requirements, it is very expensive.
III. NetCap
We have developed NetCap which is a packet sniffer totally
developed in JavaTM. NetCap does not have both the limitations
aswell as it adds some of the advantages to the packet sniffing.
A. Advantages
NetCap has a very rich and user friendly GUI developed in Java
Swing Technology. Thus it is totally easy to use.With Java, the
most considerable advantage is platform independence. So NetCap
is also platform independent. The installation file for NetCap
is only 587 KB, so it is highly economical in terms of memoryuse. The additional advantage of NetCap is, it detects the Denial
Of Service (DOS) attack as well as ARP cache poisoning and
w w w. i j c s t. c o m
immediately notifies the user about it. That functionality is not
available in any of the available packet sniffer software. The user
has to manually analyze all the packets and decide it.
B. Disadvantages
The main disadvantage of NetCap is thatit is still in development
stage so it is not able to identify all the protocols. Some
functionalities are not available in NetCap, but due to only 2
developers working on it, it will take time to incorporate those
functionalities. But it contains basic features of the packet sniffer
software that are used by general user.
C. Basic Requirements
For installation on Windows it will require...
ISSN : 2229-4333(Print) | ISSN : 0976-8491(Online)
NetCap: A Packet Sniffer in Java
1
1,2
Rajan Parmar, 2Hetal Patel
Nirma University, Ahmedabad, India
Abstract
A packet sniffer is a wiretap device that plugs into computer
networks; unlike telephone circuits, computer networks are
shared communication channels. Sharing means that computerscan receive information that was intended for other machines
(HUB). NetCap is a type of packet sniffer software that captures
the network data as well as provides sufficient means for decision
making process of administrator. This paper illustrates NetCap
and its benefits over existing packet sniffers. NetCap is developed
in Java totally as well as it consumes very less memory on the
harddisk. It encompasses many functionalities like 3D pie chart
statistics, possible malicious IP address detection, TCP flow
graph, various coloring rules and filters that may be applied to the
captured tabulated network data. It can be used for offline capture
also for reading “pcap” file format. NetCap is developed in Java
so it inherently contains the platform independence, but somefunctionalities may be applied in Windows only. The software
contains a rich and easy to use Graphical User Interface (GUI)
as well as a help file to guide the novice user and help the expert
user to exploit its functionalities fully
Keywords
Packet Sniffer, IP address, Java, Libpcap, Jpcap, Winpcap
I. Introduction
A packet sniffer is a wiretap device that plugs into computer
networks; unliketelephone circuits, computer networks are
shared communication channels. Sharing means that computers
can receive information that was intended for other machines
(HUB) [1]. There are many packet sniffer softwares available in
the market. The most popular among them is TcpDump [2] and
Wireshark [3]. Though they are very good softwares for packet
sniffing, there are some limitations associatedwith these softwares.
II. Limitations of Existing Packet Sniffer Softwares
TcpDump is very economical in terms of memory because its
installation file size is just 484 KB. TcpDump does not have a user
friendly Graphical User Interface (GUI). So the user has to study
those commands and get acquainted with the command prompt
like screen. That limitation may play a key role in not choosing itfor use. On the other hand Wireshark has a very good user friendly
GUI. But its installation file size is 18 MB and after installation it
will consume 81 MB in Windows and a hefty 449 MB in Linux.
So in terms of memory requirements, it is very expensive.
III. NetCap
We have developed NetCap which is a packet sniffer totally
developed in JavaTM. NetCap does not have both the limitations
aswell as it adds some of the advantages to the packet sniffing.
A. Advantages
NetCap has a very rich and user friendly GUI developed in Java
Swing Technology. Thus it is totally easy to use.With Java, the
most considerable advantage is platform independence. So NetCap
is also platform independent. The installation file for NetCap
is only 587 KB, so it is highly economical in terms of memoryuse. The additional advantage of NetCap is, it detects the Denial
Of Service (DOS) attack as well as ARP cache poisoning and
w w w. i j c s t. c o m
immediately notifies the user about it. That functionality is not
available in any of the available packet sniffer software. The user
has to manually analyze all the packets and decide it.
B. Disadvantages
The main disadvantage of NetCap is thatit is still in development
stage so it is not able to identify all the protocols. Some
functionalities are not available in NetCap, but due to only 2
developers working on it, it will take time to incorporate those
functionalities. But it contains basic features of the packet sniffer
software that are used by general user.
C. Basic Requirements
For installation on Windows it will require...
Leer documento completo
Regístrate para leer el documento completo.