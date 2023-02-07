Application to comfortably monitor your network traffic
Multithreaded, cross-platform, reliable
Application translated in:
More languages will be supported in the upcoming releases
Installation
You can install Sniffnet in one of the following ways:
from Crates.io
Follow this method only if you have Rust installed on your machine.
In this case, the application binary can be installed with:
cargo install sniffnet
from GitHub releases
You can install Sniffnet through the installers available in the latest release.
Choose between a Windows installer, a DEB package, or a macOS disk image (depending on your operating system).
Required dependencies
Depending on your operating system, you may need to install some dependencies to run Sniffnet:
Windows dependencies
In order to correctly run Sniffnet on Windows systems you need to:
Linux dependencies
In order to correctly run Sniffnet on Linux systems, install the libraries and header files for the libpcap library:
sudo apt-get install libpcap-dev
Note that if you are not running as root, you need to set capabilities to inspect a network adapter:
sudo setcap cap_net_raw,cap_net_admin=eip <your/Sniffnet/executable/path>
Most Linux system also need this dependency (required to build the library used to play sounds):
sudo apt-get install libasound2-dev
Depending on your Linux environment you may also need
libfontconfig:
sudo apt-get install libfontconfig libfontconfig1-dev
Features
💻choose a network adapter to inspect 🏷️select filters to apply to the observed traffic 📈view real-time charts about traffic intensity (bytes and packets per second, incoming and outgoing) 🔉set custom notifications to inform you when defined network events occur (data rate exceeded a specified threshold, or new data have been exchanged from your favorite connections) 📖view overall statistics about the filtered traffic ⭐view most relevant connections in real time (most recent, most packets, most bytes, favorites) 🌍get information about the country of the remote address (IP Geolocation) 📁save complete textual report with detailed information for each connection:
- source and destination IP addresses
- source and destination ports
- carried protocols
- amount of exchanged packets and bytes
- initial and final timestamp of information exchange
- ... and more!
IP Geolocation
See details
Geolocation refers to the remote IP address of the connection, and it's performed against a MMDB file:
The MMDB (MaxMind database) format has been developed especially for IP lookup. It is optimized to perform lookups on data indexed by IP network ranges quickly and efficiently. If you want the best performance on your IP lookups for use in a production environment, you should use the MMDB format files.
This format potentially allows Sniffnet to execute different hundreds of IP lookups in a matter of a few milliseconds.
Sometimes it is not possible to determine the location of an IP address; this is most likely due to the address being a private IP address.
Supported application layer protocols
See details
Please, note that application layer protocols are just inferred from the transport port numbers.
|Port number(s)
|Application protocol
|Description
|20, 21
|FTP
|File Transfer Protocol
|22
|SSH
|Secure Shell
|23
|Telnet
|Telnet
|25
|SMTP
|Simple Mail Transfer Protocol
|49
|TACACS
|Terminal Access Controller Access-Control System
|53
|DNS
|Domain Name System
|67, 68
|DHCP
|Dynamic Host Configuration Protocol
|69
|TFTP
|Trivial File Transfer Protocol
|80, 8080
|HTTP
|Hypertext Transfer Protocol
|109, 110
|POP
|Post Office Protocol
|123
|NTP
|Network Time Protocol
|137, 138, 139
|NetBIOS
|NetBIOS
|143, 220
|IMAP
|Internet Message Access Protocol
|161, 162, 199
|SNMP
|Simple Network Management Protocol
|179
|BGP
|Border Gateway Protocol
|389
|LDAP
|Lightweight Directory Access Protocol
|443
|HTTPS
|Hypertext Transfer Protocol over SSL/TLS
|636
|LDAPS
|Lightweight Directory Access Protocol over TLS/SSL
|989, 990
|FTPS
|File Transfer Protocol over TLS/SSL
|993
|IMAPS
|Internet Message Access Protocol over TLS/SSL
|995
|POP3S
|Post Office Protocol 3 over TLS/SSL
|1900
|SSDP
|Simple Service Discovery Protocol
|5222
|XMPP
|Extensible Messaging and Presence Protocol
|5353
|mDNS
|Multicast DNS
Troubleshooting
See details
Missing dependencies
Most of the errors that can occur are likely due to your system missing required
pcap dependencies,
necessary to correctly analyze a network adapter.
Check the required dependencies section for instructions on how to proceed.
For a Windows reference, you can check issue #1.
Note that most Linux system also need this dependency (required to build the library used to play sounds):
sudo apt-get install libasound2-dev
Some Linux systems also need
libfontconfig, see issue #18 for a reference.
Installers incompatibilities
If you have problems after having installed Sniffnet through the provided installers,
it could be due to your OS not being compatible with the pre-built binaries I generated for you.
Reach me out, and I'll try to generate an installer for your specific operating system.
open an issue, and I will do my best to help you!In any case don't hesitate to
Contribute
Do you want to improve Sniffnet? Check here
Sniffnet is also open to design contributions: