2. 1
Table of Contents
Microsoft Network Monitor.......................................................................................................2
OpenNMS ..................................................................................................................................4
Xirrus Wi-Fi Inspector...............................................................................................................8
Capsa Free Network Analyzer.................................................................................................10
Advanced IP Scanner...............................................................................................................12
3. 2
Microsoft Network Monitor
Microsoft Network Monitor is a tool for viewing the
contents of network packets that are being sent and
received over a live network connection or from a
previously captured data file. It provides filtering
options for complex analysis of network data.
There are two versions of Network Monitor.
i. The version that can be downloaded from the Microsoft Web site into Windows
Server 2008 is a powerful tool that can capture only traffic sent to or from its own
network interface.
ii. The enhanced version is more powerful and is available in Microsoft Systems
Management Server and System Center Operations Manager (SCOM). This Network
Monitor enables you to run in promiscuous mode, which means it can capture 100
percent of the network traffic available to the network interface. This information is
useful when you set up multiple monitoring stations access your network and then use
a central monitoring point to collect the data.
Knowing who uses a version of the tool in promiscuous mode helps to maintain a secure
network environment because sensitive data can be captured and examined. If you receive
reports that a Windows Server 2008 computer is not responding fast enough, you may want
to isolate the view of the network traffic that is being sent to or from that server. This tool is
useful to determine why a client application is faulting, or to determine if a hacker or virus is
attempting to access the computer over the network.
Features of Network Monitor 3:
Script-based parser model with frequent updates
Concurrent live capture sessions
Support for Windows 7
Support for 32-bit platforms and for 64-bit platforms
Support for network conversations and process tracking
API to access capture and parsing engine
Wireless Monitor Mode Capturing
5. 4
OpenNMS
OpenNMS (Open Network Management
System) is the world’s first enterprise grade
award winning network management
application platform with a long track record
of providing solutions for enterprises and
carriers, developed under the open source
model.
World’s First: The OpenNMS Project was started in July of 1999 and registered on Source
Forge in March of 2000. It has years of experience on the alternatives.
Enterprise Grade: It was designed from “day one” to monitor tens of thousands to
ultimately unlimited devices with a single instance. It brings the power, scalability and
flexibility that enterprises and carriers demand.
Application Platform: While OpenNMS is useful “out of the box,” it is designed to be
highly customizable to create a unique and integrated management solution.
Open Source: OpenNMS is 100% Free and Open Source software, with no license fees,
software subscriptions or special “enterprise” versions. There are no maintenance or upgrade
costs either. You can download, examine, modify and distribute the source code. Commercial
support, development, training, and professional services are available.
OpenNMS was designed to manage tens of thousands of devices from a single server as well
as manage unlimited devices using a cluster of servers. OpenNMS includes a discovery
engine to automatically configure and manage network devices without operator intervention.
It is written in Java and is published under the GNU General Public License.
OpenNMS is listed as one of the top 400 projects on Sourceforge and won the Best Systems
Management Tool at LinuxWorld Expo in August of 2005.
OpenNMS is known for its scalability. Although it can be easily used to manage a
small SMBnetwork, it is scalable enough to be used in place of large enterprise management
products such as HP OpenView, IBM Tivoli or IBM Micromuse.
Features of the openNMS:
1. Automated and Directed Discovery and Provisioning
2. Event and Notification Management
3. Service Assurance
4. Performance Measurement
7. 6
Wireshark
Wireshark is one of the best open source network packet analyser that will try to capture
network packets and tries to display that packet data as detailed as possible.
Some Intended Purposes
Network administrators use it to troubleshoot network problems
Network security engineers use it to examine security problems
Developers use it to debug protocol implementations
People use it to learn network protocol internals
Features
Available for UNIX and Windows
Capture live packet data from a network interface
Open files containing packet data captured with tcpdump/WinDump, Wireshark, and
a number of other packet capture programs
Import packets from text files containing hex dumps of packet data
Display packets with very detailed protocol information
Save packet data captured
Export some or all packets in a number of capture file formats
Filter packets on many criteria
Search for packets on many criteria
Colorize packet display based on filters
Create various statistics
9. 8
Xirrus Wi-Fi Inspector
The Xirrus Wi-Fi Inspector is a utility for monitoring Wi-Fi
networks and managing the Wi-Fi operation of a laptop.
Operating on Windows 7, Vista, or XP, the Wi-Fi Inspector
provides detailed information about available Wi-Fi networks,
management of a laptop’s Wi-Fi connection, and tools to
troubleshoot Wi-Fi connectivity issues. It provides a useful tool
for anyone deploying and operating Wi-Fi.
Applications
The Wi-Fi Inspector can be used for a number of practical applications, including:
• Searching for Wi-Fi networks
• Troubleshooting Wi-Fi connectivity issues
• Verifying Wi-Fi coverage (site survey)
• Managing a laptop’s Wi-Fi connection
• Locating Wi-Fi devices
• Detecting rogue APs
• Verifying AP settings
• Aiming Wi-Fi antennas
• Wi-Fi Education
Features of Xirrus Wi-Fi Inspector
Dynamic radar view displaying local Wi-Fi network names and relative distance.
Detailed information table of all local Wi-Fi networks.
Display of laptop’s Wi-Fi connection details and most important network addresses.
Connection, Quality, and Speed tests for troubleshooting the Wi-Fi network
connection .
Real-time graph of signal strength of one or more Wi-Fi networks with 8 minute
history.
Locate mode for tracking Wi-Fi network signal strength, including audible beep.
Export Wi-Fi networks to .csv file · Directly Connect/Disconnect to Wi-Fi networks.
Option to Enable/Disable Wi-Fi adapter (Windows 7 and Vista only).
Integrated glossary of Wi-Fi terms.
10. 9
Figure: Output of Xirrus Wi-Fi Inspector
The Xirrus Wi-Fi Inspector 1.2.1 release includes the following:
• Updated vendor mac address table to include more manufacturers in the networks
vendor column.
• Changed Speed Test and Quality Test to open a new tab in the default browser
instead of opening a new web control window due to flash compatibility issues.
• Resolved issue that could cause application to crash occasionally on certain
platforms.
• Added instructions on sorting, grouping and filtering of networks to the user guide
• Added a summary display to the Networks window for total SSID’s and BSSID’s.
• Export networks now correctly formats dual channel radios in same column.
11. 10
Capsa Free Network Analyzer
Capsa is a free network management solution which
integrates traffic capture, analysis and statistics, fault
diagnosis, and performance evaluation, to thus help network
administrators troubleshoot the network, ensure the network
security, enhance the network performance, and maximize the
network value. It support for over 300 network
protocols (including the ability to create and customize
protocols), MSN and Yahoo Messenger filters, email monitor
and auto-save, and customizable reports and dashboards. It
was released on 12/15/2015. The latest version is
version 8.1.It has a full size of 64.1 MB.
Capsa Free is a must-have freeware network analyzer for Ethernet monitoring,
troubleshooting and analysis. It provides users with great experience to learn how to monitor
network activities, pinpoint network problems, and enhance network security and so on.
Moreover, Capsa Free is a perfect choice for students, teachers and computer geeks to learn
protocols and networking technology knowledge.
Through Capsa, we can use our own dashboard, important parameters in one place and in
graphs and also record network profile, set your analysis objective and perform customized
analysis. It has Powerful customizable alarm, customize dozens of alarm trigger
combinations. Through Capsa, users can identify and analyze more than 300 network
protocols, create and customize protocols, analyze unique protocol traffic. Intuitive TCP
timing sequence chart, Accurate MSN & Yahoo Messenger monitoring statistics, Email
monitor and auto-saving Email content and enhanced, customizable reports can be generated
via this tool.
Features of Capsa
Extended Network Security Analysis - Accurately detects DoS (DDoS) attack, Worm
activity, ARP attack, TCP port scanning and suspicious conversation and locates the
source and target in real-time.
Versatile Traffic & Bandwidth Statistics - Monitors Network traffic and Network
bandwidth details in graphs and numbers.
Advanced Network Protocol Analysis - Being able to support more than 300 protocols,
Capsa make it easy to analyze protocols in network and understand what is happening.
In-depth Packet Decoding - Capsa captures all network packets transmitted on network
and displays detailed packet decoding information in Hex, ASCII and EBCDIC.
Multiple Network Behavior Monitoring - Monitors HTTP, Email, DNS, FTP, MSN
and Yahoo! Messenger.
12. 11
Extensive Statistics of Each Host - Lists all hosts in network with details (traffic, IP,
MAC, etc.).
Automatic Expert Network Diagnosis - Automatically diagnoses network problems and
suggests solutions.
Visualized Connections in Matrix - Visualizes the entire network in an ellipse, showing
connections and traffic.
Powerful Conversation Analysis - Monitors all conversations and reconstruct packet
stream.
Useful & Valuable Built-in Tools - Free built-in tools to create and replay packets; scan
and ping IPs.
Quick & Intuitive Report - Provides various reports regarding concerned items.
System Requirements
Software Requirements
OS:
Windows XP (SP 1 or later) and 64bit Edition
Windows Server 2003 and 64bit Edition
Windows Vista and 64bit Edition
Windows 2008 and 64bit Edition
Windows 7 and 64bit Edition
Windows 8 and 64bit Edition
Windows 10 and 64bit Edition
Relied Browser:
Internet Explorer 6.0 or higher
Hardware Requirements
Minimum Requirements:
CPU: P4 2.8GHz
RAM: 2GB
Internet Explorer 6.0
Recommended System:
CPU: Intel Core Duo 2.4GHz
RAM: 4GB or more
Internet Explorer 6.0 or higher
Supported Network
Ethernet
Capsa will run with a NDIS 3 or higher compatible Ethernet, Fast Ethernet, or Gigabit
promiscuous mode network adapter.
13. 12
Promiscuous mode is the ability to have Capsa take over the driver and put it into a
mode that will allow it to passively capture all packets on an Ethernet wire, regardless
of the address to which they are being sent/received.
Figure: Output of Capsa free Network Analyzer
14. 13
Advanced IP Scanner
With the increasing size and complexity of networks today
it's a real necessity to have some sort of tool to be able to
check on the health and status of a network. Without one
we will not be able to get a real idea of what is going on
within the environment. Advanced IP Scanner is one such
tool.
Advanced IP Scanner is a reliable and free network
scanner to analyze LAN. The program shows all network
devices, gives access to shared folders and FTP servers,
provides remote control of computers (via RDP and
Radmin), and can even remotely switch computers off. It is
easy to use and runs as a portable edition. It should be the
first choice for every network admin.
Features of the Advanced IP Scanner
Export scan results to CSV
MAC address detection
Easy access to network shares
Remote access
Remote Wake- On LAN and Shut down
No installation required
This tool is developed by Famatech as a freeware. The latest version of this software is the
2.4.2601. File size is 8.39MB. Therefore this will not waste the storage space of the
computers. This is supported by almost all the windows operating systems. This is available
in multiple languages. Recent upgrades to the program include Unicode character support and
Windows 8 compatibility.
By using the Advanced IP Scanner you can quickly scan hundreds of IP addresses
simultaneously on class B and C networks.
Remote shutdown allows you to shut down any remote machine running Windows. You can
also remotely shut down a complete computer class with a few clicks. This comes in handy if
you need to reboot a machine for whatever reason at a remote site that you can't get to.
With the Wake-on-LAN feature you can wake any machine remotely, if the Wake-on-LAN
feature is supported by your network card. This allows you to start up computers that are
powered off by sending a command to the network interface card (NIC) then then proceeds to
start the computer.
15. 14
The Lists of computers saving and loading feature allows you to perform operations with a
specific list of computers. Simply save a list of computers you need and Advanced IP
Scanner will load it at start up automatically. This way you don't have to start from scratch
each time you run the program. You can choose whether to scan your entire network or just
the computers in Favorites list. You are also able to save your Favorites list for scanning
purposes and other operations.
You can scan RDP resources and access them directly from the program and as well as to run
ping, tracert, and SSH commands on a selected computer. It is also possible to launch the
program directly from the installer with no manual installation required.
Advanced IP Scanner is designed to work closely with the developer's Radmin remote
administration software, which adds capabilities. This integration lets you connect via
Radmin (if it's installed) to remote computers with just one click.
IP Scanner lets you scan your network, find all computers running Radmin Server, and
connect to any one of them with one click. The free Radmin Viewer needs to be installed on
your PC for you to access a remote machine running Radmin Server. With Radmin, you can
access the remote PC in Full Control, File Transfer, and Telnet modes.
Because of the above mentioned capabilities and features Advanced IP Scanner is far better
than the other networking devices that we chose.
Figure: Output of Advance IP Scanner