SmartSniff

Overview

When thinking of a network monitoring utility that provides users with the liberty of capturing TCP/IP packets that go through network adapters, as well as, take a bright look at the data obtained in the form of interaction between client and servers, SmartSniff comes to mind as one of the best options. TCP/IP conversations have a choice of being viewed from the Ascii mode perspective (used for text-based protocols such as HTTP and FTP) or hex dump (Used for non-text-based protocols like DNS). There are three methods used by SmartSniff when capturing TCP/IP packets, and they include; Raw sockets, as a method that can only be used for windows 2000/XP or higher. TCP/IP packets are allowed to be captured on the network without the installation of a capture drive when using the ‘Raw sockets’ method. There are, however, some limitations and problems when this method is in play, one of which is its inability to capture outgoing UDP and ICMP packets. The ‘WinPcap Capture Driver’ also, is a method of packet capture provided by SmartSniff, this method gives room for TCP/IP packet captures on every Windows operating system. One must download and install WinPcap Capture Driver o take full advantage of it. This method most glorifying attribute is its preference as a model of TCP/IP packet capture when using SmartSniff, as it works better than the Raw Sockets method. 

Microsoft Network Monitor

Microsoft Network Monitor Driver is the third of the three methods provided by SmartSniff for TCP/IP data capturing. This is a free capture driver supplied by Windows, which can be used by SmartSniff. However, this driver doesn’t get to be installed by default. Users have to manually install it by using one of two options, one of which includes installation from CD-ROM of Windows 2000/XP and the other is to download and install the Windows XP Service Pack 2 Support Tools. One of the tools that will be found in this package is netcap.exe which when ran will lead to the automatic installation of the Network Monitor Driver on the user system.

 As long as there is a prior installation of WinPcap* capture driver on a Windows system that works perfectly with the available network adapter, SmartSniff is capable of capturing packets on any version of the Windows operating system. Also, SmartSniff can be used with the capture driver of Microsoft Network Monitor if it is available and installed on the user system. When using windows 2000/XP or higher, SmartSniff is allowed to capture TCP/IP packets without the installation of a capture driver but by using the ‘Raw sockets’ method.  * WinPcap is no longer supported, Npcap can be installed.