Home

Best Free Network Analysis Tools

Sun, 06/29/2008 - 22:39 — adrianc

Network analysis tools enable diagnosis of problems on a computer network. They generally fall into two categories :

  • Packet Analysers
  • Port Scanners

Packet analysers allow capture and display of individual messages being processed by your computers network card. Port scanners are designed to probe other computers on a network and report interesting information. Both tools are also invaluable for those wanting to learn about networking.

WireShark (formerly Ethereal) has established itself as the de-facto packet analyzer. It can capture packets of standard ethernet, PPP and VPN interfaces. I have used it many times to identify people running heavy reports bringing servers down to a crawl.

Ettercap goes beyond packet capture, allowing investigation and simulation of low level network attacks — ARP cache poisoning, DHCP hijack etc. It can also be extended with external scripts. A powerful tool in the right hands — use carefully on your live network.

Both programs require installation of Windows Packet Capture package (WinPcap). I found it better to install latest winpcap first, rather than versions included with the programs.

Nmap will scan an individual IP address. It will report on open ports, interesting information and the likely type of device/operating system. This tool proved invaluable in proving to a client that the IP address he claimed was a print server in fact had a PC using it. Also requires WinPcap.

Angry IP is a very lightweight program that allows you to quickly scan a range of IP addresses. It provides less information and options than Nmap, but shows open ports and highlights which addresses are active.

 

WireShark

Website: http://www.wireshark.org/about.html
Download: http://www.wireshark.org/download.html
Author: Gerald Combs et al
Current Version: 1.0.2
Version Date: 09-Nov-2007
License: GNU GPL v2
Download File Size: 537 Kb
Operating Systems Supported: 2000/XP/2003/Vista
Additional Software Required: WinPcap (see below)
64 Bit Capable: No
Portable Version Available: Yes
Non-English Languages Supported: None
Other Relevant Information: Builds for Linux, Mac OS and other OS available

 

Ettercap

Website: http://ettercap.sourceforge.net/index.php
Download: http://sourceforge.net/project/showfiles.php?group_id=17435&package_id=130431
Author: Alberto Ornaghi and Marco Valleri
Current Version: 0.7.3
Version Date: 29-May-2005
License: Open Source
Download File Size: 3.33 Mb
Operating Systems Supported: 2000/XP/2003
Additional Software Required: WinPcap (see below)
64 Bit Capable: Not specified
Portable Version Available: No
Non-English Languages Supported: None
Other Relevant Information: Builds for Linux and other OS available

 

Nmap

Website: http://nmap.org/
Download: http://nmap.org/download.html
Author: Adriano Monteiro Marques et al
Current Version: 4.68
Version Date: 28-Jun-2008
License: Open Source
Download File Size: 14.6 Mb
Operating Systems Supported: NT/ME/2K/XP/Vista
Additional Software Required: WinPcap
64 Bit Capable: Yes
Portable Version Available: No
Non-English Languages Supported: Various
Other Relevant Information: Builds for Linux and other OS available

 

WinPcap

Website: http://www.winpcap.org/misc/features.htm
Download: http://www.winpcap.org/install/default.htm
Author: Gianluca Varenni et al
Current Version: 4.0.2
Version Date: 09-Nov-2007
License: BSD
Download File Size: 537 Kb
Operating Systems Supported: 9x/Me/NT/2000/XP/2003/Vista
Additional Software Required: No
64 Bit Capable: Yes
Portable Version Available: No
Non-English Languages Supported: None
Other Relevant Information: 9x/Me supported by older archived versions

 

Angry IP

Website: http://www.angryziber.com/w/About
 Download: http://sourceforge.net/project/showfiles.php?group_id=25534&package_id=18580
Author: Anton Keks
Current Version: 2.21
Version Date:  07-Apr-2004
License: GPL v2
Download File Size: 109 Kb
Operating Systems Supported: 98/ME/2000/XP
Additional Software Required: None
64 Bit Capable: No
Portable Version Available: No
Non-English Languages Supported: None
Other Relevant Information: New cross platform build available as beta

 

Related Topics

 

This software category is maintained by volunteer editor Adrian Cornforth.
 

Bookmark/Search this post with:
#1Submitted by Anonymous on Fri, 10/10/2008 - 13:53.

HOME NETWORK CHATTER

Hi. Quick question -

There has got to be some kind of well-written, easy-to-use freeware (or a few different programs that can be used to get different partial views of what I'm looking for) that can listen to the chatter on my home network and figure out:

** what-all devices are attached (even if the device is being stingy about letting others know it is on the network)
** determine which device(s) is/are the biggest chatterboxes
** tell which device is talking to which other device
- and why
- and what it's saying to the other device
- or what it wants from the other device
** put into layman's terms what all the traffic is
** be able to summarize the the transmissions in addition to providing each transmission (and still putting each into layman's terms)

** be able to work on XP and Vista

My home network has SO MUCH CHATTER on it it is rediculous!
I have a cat5 network storage device and the ntwk light is blinking constantly and the drive light is also blinking as well so there's something wierd going on there.

I think my wireless printer is also talking up a storm as well.
I think all this BS chatter is slowing down the meaningful traffic and reducing the throughput.

Thanks for reading and thanks in advance for any help you can provide.

#2Submitted by Anonymous on Tue, 10/07/2008 - 08:02.

Hi Guys,

I think you should also consider Advaance IP Scanner, Advance LAN Scanner and Advance Port Scanner from RADMIN.

http://www.radmin.com/products/utilities/index.php

Shakeel

#3Submitted by Anonymous on Wed, 10/01/2008 - 14:02.

Hello!
http://sourceforge.net/projects/packetyzer/
;-)
kimu

#4Submitted by rezkit on Wed, 09/17/2008 - 13:26.

Here's a good one... Look@LAN. It seems more appropriate in the port scanner sub-cat, but has a lot more up its sleave than that. It sure is worth evaluating.

http://www.lookatlan.com/

#5Submitted by Anonymous on Tue, 08/05/2008 - 10:00.

Isn't there a network scanner that works for dial-up? I guess you forgot to mention the free Microsoft Network Monitor, but that doesn't work for dial-up either.

#6Submitted by chris.p on Tue, 08/05/2008 - 05:40.

Adrian,

Are traceroute apps in this group?

chris.p

#7Submitted by adrianc on Mon, 08/11/2008 - 13:46.

Hi Chris, there is a seperate category for traceroute that has not been included in the security group. As they are closely linked I have added a Related Topic link to it.

Adrian

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <b> <address> <blockquote> <br> <caption> <center> <code> <dd> <del> <div> <dl> <dt> <em> <font> <h2> <h3> <h4> <h5> <h6> <hr> <i> <img> <li> <ol> <p> <pre> <span> <strong> <sub> <sup> <table> <tbody> <td> <tfoot> <th> <thead> <tr> <u> <ul> <tr>
  • Lines and paragraphs break automatically.

More information about formatting options