packetsniffer.blogr.com - Blog (RSS 2.0)

How to Detect Email Worm with Colasoft P...

packetsniffer — Wed, 24 Jun 2009 12:09:34 +0200

What Is an Email Worm In networking, an email worm is a computer worm which can copy itself to the shared folder in system. And it will keep sending infected emails to stochastic email addresses. In this way, it spreads fast via SMTP mail servers.

What Is the Harm of Email Worm
An email worm can send lots of infected emails in a very short time and it will never stop unless it’s removed. It will cause a large traffic and make the system go slowly. Sometimes it even makes the mail server crash.

How to Detect Email Worm
If you are suspicious some host in your network is infected with an email worm, here is a process how we can detect email worm" in network with Colasoft Packet Sniffer, step by step.

>Step1. Download a free trial and deploy it properly.

>Step2. Launch a Project and Start Capturing Some Traffic.

>Step3. Switch to “Diagnosis” Tab
Diagnosis tab is a view we can see all the network issues automatically detected by Colasoft Packet Sniffer, also some causes and solutions are suggested.

If there is a host infected with an email worm, we should be able to see SMTP events in the application layer like this:

>Step4. Locate the Source IP
Possibly the source IP is the host infected with an email worm as it is sending too many emails in a short period of time with SMTP. So let’s locate the source IP in the “Explorer” with the “Locate” shortcut in the right-click menu.

>Step5. Switch to “Logs” Tab
Check if the host is sending emails to a large number of recipients in a very short period of time. If so, we can determine the host is infected with an email worm and should be handled immediately. We should be able to see logs in the Tab like this:

No doubt the final step is to isolate the host and kill the email worm with some AV software

Also there will be some other process to detect email worm with Colasoft Packet Sniffer, this is the shortest one.

How to detect the network malfunction vi...

packetsniffer — Thu, 11 Jun 2009 09:34:37 +0200

Brief introduction about the Endpoint view in Colasoft Packet Sniffer

It is divided into Mac endpoint and IP endpoint in Colasoft 6.9. Users can detect the IP/Mac endpoint in the largest traffic in a short time by the endpoint analytics. And also, The system supply clear statistics of traffic ranking(Top 5 IP endpoint under HTTP protocol).

In the Endpoint view, we can see the specific traffic situation clearly of all the hosts(Including a network segment, a Mac address, and a IP address) in the currently network. Like the hosts with the largest total traffic, hosts that send/receive the largest traffic, hosts that send/receive the most packets, etc.

According to this information, we can confirm that if there are Broadcast / multicast storm, and help users detecting the network malfunctions about network slow, network disconnect, worm attack, DOS attack, and all the malfunctions besides.

Application case study Once we meet the network malfunction or attack, what the most important thing we should pay attention to, is the currently total network traffic, sent/received traffic, network connection etc, to get a clear direction to find the problem. And, all of this information are included in the endpoint view in Colasoft Packet Sniffer 6.9(figure 1):

In figure 1 we can make a compositor on the total traffic, network connection and other related information, to find and locate the host with largest traffic or most connections in the network. For example, at present, the host with the largest network connection is , we can locate the host, then check the related connection information(figure 2):

The connection information shown as the figure 2, we can know that has set up a large amount of TCP connection with other hosts, and the destination address and destination endpoint are indefinite, and Many of the state is to connect client requests synchronization.

Next, check the TCP packets, we can check them out in Summary and Graphic as follows:

In the TCP packets information, we found has sent TCP synchronization packet, and the TCP FIN packets and TCP Reset packets are, this is deviant in the network.

Please go to the Colasoft Official FAQ page for more "How-tos"

How to Track BitTorrent User in Network...

packetsniffer — Wed, 10 Jun 2009 12:01:58 +0200

BitTorrent Consumes Big Bandwidth
Based on the working principle of BitTorrent protocol, if somebody is downloading big files with BitTorrent software, it will be a disaster for other users who need bandwidth for business operations as the user will consume large amount of bandwidth, thus causing long time network slowness, intermittence, even disconnections; because meantime the user downloading files from others, others are downloading files from him.

So it is necessary for IT administrators to track BitTorrent user at first place to regain network bandwidth for business operations. Blocking BitTorrent protocol can be one way; this article is to discuss how to track BitTorrent user with Colasoft Packet Sniffer .

How to Track BitTorrent User?

>Step1. Download a free trial and implement it correctly

>Step2. Launch a project and start capturing data

>Step3. Find BitTorrent Protocol in the "Protocols" Tab

>Setp4. Locate BitTorrent Protocol in the "Explorer"
Use the "Locate" function to locate BitTorrent protocol in the "Explorer" to analyze dedicated data.

>Step5. Track BitTorrent User in LAN in the "Endpoint" Tab
This is the way how to track the BitTorrent user in our network and who are connected with him. There is a lot more we can see from this tab, such as how much data has been downloaded and uploaded via BitTorrent protocol.

View how many connections have been built in "Matrix"
You’ll be shocked to see how many connections have been built in the "Matrix" Tab. In this case, we can see this user has built more than 1000 connections with other hosts.

About BitTorrent
BitTorrent is a peer-to-peer file sharing protocol used for distributing large amounts of data. BitTorrent is one of the most common protocols for transferring large files.

The protocol works when a file provider initially makes his/her file (or group of files) available to the network. This is called a seed and allows others, named peers, to connect and download the file. Each peer that downloads a part of the data makes it available to other peers to download. After the file is successfully downloaded by a peer, many continue to make the data available, becoming additional seeds. This distributed nature of BitTorrent leads to a viral spreading of a file throughout peers. As more peers join the swarm, the likelihood of a successful download increases. Relative to standard Internet hosting, this provides a significant reduction in the original distributor's hardware and bandwidth resource costs. It also provides redundancy against system problems and reduces dependence on the original distributor.

Next Step
>>Download a Free Trial

Business IM: Risks and Resolutions

packetsniffer — Tue, 09 Jun 2009 07:12:21 +0200

Do your users use IM in your network? If I ask this questions, I believe above 95% network administrators will answer: Yes, of course.

MSN, Yahoo IM, Aol IM, Google Talk etc,with the rapid development of instant messaging tools,which are not just used for personal entertainment, but for workplace tools. However,according to a survey on the internet, most IM users are ignorant of its risks that may cause to the organization. Here we list the main Business IM Risks and Resolutons :

? Information leaks – Confidential materials, intellectual property, or proprietary information can be revealed, either intentionally or accidentally,through IM sessions or file transfers.

? Worms, viruses, etc. – Numerous malware programs target public IM systems and allow them to bypass standard firewalls and mail server antivirus systems.

? Network hacks and intrusions – Hackers use IM operating ports to bypass other security barriers and enter the corporate network unimpeded.

? Compliance, regulatory, or legal violations – Organizations subject to government oversight and compliance mandates may find themselves creating legal issues by failing to properly monitor, log, and regulate IM sessions and content.

? Productivity loss – Idle chat can disrupt employee productivity.

So many risks IM has, does it mean that we have to prohibit Instant Messaging in workplace, of course not, IM has its irreplaceable benifits other than other communication methods,as email, phone call, SMS. but we have some good suggestions to decrease the IM risks.

Deploy network analysis tools like Colasoft Network Analyzer in your computer, to detect network intrusion attempts, monitor network usage, gain information for effecting a network intrusion.

Regularly remind your users to update or upgrade their antivirus software

Create written policies – Clearly and explicitly define acceptable and unacceptable use of instant messaging within the business environment.

How to Monitor MSN Chat with Free Unipee...

packetsniffer — Mon, 08 Jun 2009 09:56:31 +0200

For some purposes we want to monitor MSN chat around the network, for example, parents want to monitor MSN chat of their kids to ensure their safety; bosses want to monitor MSN chat of employees for company assets security and to improve work efficiency by minimizing none-business chat during working hours. You may still remember Colasoft MSN Monitor, now it is called Unipeek MSN Monitor and it is distributed completely Free for none commercial users.

Now let’s see how we can monitor MSN chat with Unipeek MSN Monitor, the free tool.

Step1. Download Unipeek MSN Monitor

Download Unipeek MSN Monitor , the free edition; from the website. As a matter of fact there is no function difference between Unipeek MSN Monitor the free edition and the commercial edition. The only difference is Unipeek MSN Monitor Free Edition only supports 10 MSN accounts maximum, but quite enough for family users.

Step2. Install and Deploy Unipeek MSN Monitor

The installation is quick and simple, just click “next” all the way to complete the installation. But the deployment is somewhat different. As Unipeek MSN Monitor is designed based on Colasoft ’s packet capturing technology, so it has to be deployed properly like a packet sniffer if you want to monitor all MSN chat around the network. Of course, you don’t have to do it if you only want to monitor MSN chat of a single computer. To monitor multiple computers, you can install multiple copies.

Setp3. Run it and Start Monitor MSN Chat

After proper installation and deployment, we can start monitoring MSN chat right away.

About Unipeek MSN Monitor Unipeek MSN Monitor (MSN sniffer) is Free MSN monitoring software for MSN chat monitoring and MSN message archiving. Based on Colasoft's packet analysis technology, Unipeek MSN Monitor is able to deliver the most accurate MSN monitoring statistics, and automatically record data for future reference. You need only install Unipeek MSN Monitor once to monitor all MSN chats over the local network.

Key Features include:
• Real-time and 24/7 MSN chat monitoring

• Automatically archive MSN messages for future reference

• Export messages of a custom time range

• Customize MSN account list to be monitored

• Unique Conversation Matrix showing account relations

• Support emotion icons, message font size and color.

Download Now
Download Unipeek MSN Monitor

10 Technologies to Help Cut Costs in the...

packetsniffer — Wed, 03 Jun 2009 11:46:06 +0200

KUB365 -- Administrator of bytes.com _________________________________________________________

There's no escaping the slowing economy. Layoffs are being announced and companies are in cost cutting mode. Whether you are a tech at a big company or a small one man operation it's time to cut the fat before you get cut out of work. Unnecessary expenses have to go and inefficient ways of working need to be analyzed and improved.

If done right, the use of some technologies can greatly reduce costs and make us more efficient. Here are ten technologies every techie should consider to help cut costs in this slow economy:

1) Open Source

Dump the high cost proprietary systems for equivalent open source systems where you can. There are many operating systems, databases, content managment systems, communications tools, networking and administration tools that are open source and free to use. Choose mature products with a strong community following and plenty of available support options either via developers or third party support offerings.

2) Software as a Service

Instead of spending money on time on developing complex in-house solutions to CRM, support and project management use SaaS providers such as Sales Force, Google, 37Signals and Right Now . Not only do you save money by using these third party tools by cutting development costs, but you also reduce costs on specialized hardware to run similar in-house solutions. Many SaaS solutions can also be integrated via the providers API's.

3) Virtualization

Do you have multiple servers and workstations handling different tasks? Combine them into one machine. With virtualization suites such as ones offered by VMware you can take one machine and turn into multiple virtual machines. One machine can act as your web server, your network share and your exchange server. Each virtual machine will work independent of the other and optimize utilization of hardware resources.

4) Thin Clients

Employees no longer need to use expensive machines for light computing work such as emailing and using basic office work. Low powered thin-clients connected to a single multi-core system with x64 architecture and virtualization can power the work of multiple employees. Besides better utilization of hardware and energy, you also introduce efficiency for IT managers by reducing the # of systems they have to manage.

5) Enterprise 2.0

Get your organization connected and sharing information. Use intranet systems with built in messaging, voice messages, wikis, profiles and contact information. Keeping your employees connected and sharing information about your business can keep the organization from making costly decisions.

6) Digital Documents

Move as much of your company's paper usage to digital as you can. Not only do you save money with printing you also save money on office space to store all that paperwork. Other ways to save more on printed costs is move to email for memos and letters. Also consider e-fax services as an alternative to fax machines.

7) Fast Efficient Networks

Using all these cost savings technologies will require a fast internal network and fast bandwidth coming in. These days companies and individuals can subscribe to fiber-optic bandwidth providers. With higher bandwidth network such as fiber lines, you can also server voice and video through the same connection. Internally make sure you've upgraded as much of your hardware to gigabit speeds. Newer networking gear tends to be more energy efficient and capable of handling faster network speeds. A fast network means less waiting for employees and more working.

8) Data Storage

Storing as much of your company's data and information on the network keeps it accessible for employees and staff to use at any time from any location. This saves employees from physically having to search for the required data or information. The time savings will make your staff more efficient. Saving data on cheap mass storage hard drives saves you office space for storing documents and paper work.

9) Wireless

With wireless connectivity employees can work from anywhere. They are no longer stuck to their desk and their mobile systems such as laptops can move with them from meetings to conference areas. An added benefit of wireless systems are the savings in running wire for hard networking.

10) Virtual Office

Cut the overhead costs of keeping employees on site by allowing them to work from home. Virtual offices reduce the amount of resources required for equipment and office space. Many companies have already instituted virtual office policies and have realized great results from doing so. With virtual offices upfront investments in secure networking will be required. Setting up VPNs and access to other network resources for employees will be a must.

Willis Huang Oversea Department. Colasoft Co., Ltd.

About Colasoft

Ever since 2001, Colasoft has been dedicated in providing all-in-one and easy-to-use network analyzer for customers to monitor, analyze, and troubleshoot their network. Up to now, more than 4000 customers in over 70 countries trust the flagship product – Capsa as their network monitoring and troubleshooting solution. The company also offers four free network utilities: Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more today at http://www.colasoft.com/

How to Troubleshoot Slow Internet Connec...

packetsniffer — Tue, 02 Jun 2009 10:25:47 +0200

Follow these steps to diagnose your slow Internet connections

1. Configure Broadband Router Settings Properly

Improperly broadband router configuration will probably lead to slow internet connections. keep consisting your router's settings with the manufacturer's and your Internet Service Provider (ISP) recommendations.

2. Reposition Router and Change WI-Fi Channel Number

Signal interference which requires computers to resend messages to overcome signal issues constantly may affect the performance of Wi-Fi and other types of wireless connections, repositioning your router and changing your Wi-Fi channel number may benefit your connection performance.

3. Run Antivirus Software Regularly To Diagnose and Remove These Worms

Internet worm may begin generating huge network traffic, causing slow network connection if any of your computers are infected. Remember to run antivirus software regularly to diagnose and remove these worms from your computers.

4. Don't forget the Running Background Applications

Some useful background applications, like Peer to peer (P2P) programs, will greatly consume network recourses. Therefore, don’t be blind to the running background applications when facing slow network connection issues.

5. Temporarily Re-Arrange and Re-Configure Your Gear

Faulty network equipment typically won't support connections. To troubleshoot potentially faulty equipment, temporarily re-arrange and re-configure your gear while experimenting with different configurations. Try bypassing the router, swapping cables and changing network adapters to isolate the slow performance to a specific component of the system.

6. Inquire Your Service Provider

Internet speed ultimately depends on the service provider. Don’t forget to inquire your ISP about what happened if you suspect they have main responsibility in your poor connection performance.

Conclusion Reasons for slow connection are diversified, the 6 tips for troubleshooting slow internet connections are basic solutions that may guide you when suffering network connection problems,moreover, to diagnose and troubleshoot the issues manually is not an easy work. nowadays, many network administrators usually choose some easy - to - use network analysis tools, like Colasoft Network Analyzer (also called packet sniffer, network sniffer, protocol analyzer) to monitor,analyze, and troubleshoot their network in minutes.

Ten Reasons Make Packet Sniffers an Esse...

packetsniffer — Thu, 14 May 2009 12:06:45 +0200

No matter whether you are network administrators or IT managers, you should not be unfamiliar to the network analysis tool - packet sniffer , also known as a network analyzer, protocol analyzer or sniffer ) which has been widely used by kinds of organizations, schools, enterprises, government institutions etc.

Maybe you are yet supirsed at why more and more enterprises, like IBM, Intel, Epson, Airbus, Ericsson etc, love to deploy packet sniffer to their company's network? OK, take a fresh coffee now, then look at the following problems, and ask yourself, as a network administrator or IT manager , if these issues are just what you have met?

Rushing from one network problem to another every day?

Have no way to judge if your network has been intruded?

Helpless collecting convincing information to submit your boss even if you have realized that your network system has been intruded.

No idea if current network usage is equal to actual need?

Know nothing of how many staffs are not killing their time by chatting with friends, browsing irrelevant webpage etc, but focusing on their job?

Yes, every question listed above has puzzled many network administrators, but no worry, packet sniffer can easily help you out with its strong functions, here are ten reasons make packet sniffers an essential network tools.

* Analyze network problems
* Detect network intrusion attempts
* Gain information for effecting a network intrusion
* Monitor network usage
* Gather and report network statistics
* Filter suspect content from network traffic
* Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use)
* Reverse engineer proprietary protocols used over the network
* Debug client/server communications
* Debug network protocol implementations

Currently, there are dozens of packet sniffers in the market, some are very complex to use like wireshark, you must be versed in networking,; some are designed for common network administrators, such as Colasoft Network Analyzer , all-in-one & easy-to-use , which are more and more accepted and welcome.

How to Find MAC Address with Colasoft MA...

packetsniffer — Tue, 12 May 2009 09:14:38 +0200

In computer networking, a Media Access Control address (MAC address ) is a unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification, and used in the Media Access Control protocol sublayer. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number. It may also be known as an Ethernet Hardware Address (EHA), hardware address, adapter address, or physical address.

Since a MAC Address is unique for most network adapters or network interface cards (NICs), it is important for IT administrators to know all the MAC addresses in LAN so as to quickly locate a network device when a network issue arises. Luckily we have tools to help us out. Let’s see how we can easily find MAC address in LAN with Colasoft MAC Scanner.

Colasoft MAC Scanner is a Free software to find MAC address and IP address. It can automatically detect all subnets according to the IP addresses configured on multiple NICs of a machine and find MAC addresses and IP addresses of defined subnets as your need. Users can custom own scan process by specifying the subsequent threads.

Step 1. Download Colasoft MAC Scanner

Step2. Install Colasoft MAC Scanner

The installation of Colasoft MAC Scanner is quick and easy, it is suggested to install Colasoft MAC Scanner on a laptop as it only scans and finds MAC addresses and IP addresses in the subnet to which the laptop is connected.

Step3. Start a Scan

It’s easy and quick, just press the start button, the Colasoft MAC Scanner will scan and find MAC addresses and IP addresses in the subnet and list them out. The results can be “copy and paste” or exported for future reference.

Now the problem is: if a LAN is divided into several subnets, we’ll have to move the laptop around and scan each subnet in order to find all MAC addresses and IP addresses. Then what’s the solution?

Find MAC Address and IP Address with Colasoft Packet Sniffer

Colasoft Packet Sniffer allows us to find MAC addresses and IP addresses both local and remote in the network as long as there is network communication initiated.

>>>>Download Colasoft Packet Sniffer Now

How Public Key Encryption Can Make Email...

packetsniffer — Thu, 07 May 2009 09:19:43 +0200

When you are entering your credit card number, talking with your lover, chatting with your business partners, can you imagine what will happen if everything you are doing is exposing to everybody?

Yes, it is unbelievable but it is quite true, hackers can easily obtain your private information like crecit card number, email logs, chat logs etc. by using some network analytic tools, such as Colasoft Packet Sniffer .

Protect Your Email Secure And Safe So if we are helpless with our private information from being monitored or stolen? Of course not, to keep data sent via email private, you just need to encrypt it, as only unencrypted content can be monitored by network analytic tools like Network Analyzer . Only the targeted recipient will be able to decipher the message.

How to Encrypt Your Message? Public key encryption is a special case of encryption, it operates using a combination of two keys: one is a private key, the other is a public key which together form a pair of keys. The private key is kept secret on your computer since it is used for decryption, the public key, which is used for encryption, is given to anybody who wants to send encrypted mail to you.

How Public Key works? When you send public-key encrypted mail, the sender's encryption program uses your public key in combination with the sender's private key to encipher the message. When you receive public-key encrypted mail, you need to decipher it. Decryption of a message enciphered with a public key can only be done with the matching private key. This is why the two keys form a pair, and it is also why it is so important to keep the private key safe and to make sure it never gets into the wrong hands (or in any hands other than yours).

Why the Integrity of the Public Key is Essential Another crucial point with public key encryption is the distribution of the public key.
Public key encryption is only safe and secure if the sender of an enciphered message can be sure that the public key used for encryption belongs to the recipient.
A third party can produce a public key with the recipient's name and give it to the sender, who uses the key to send important information in encrypted form. The enciphered message is intercepted by the third party, and since it was produced using their public key they have no problem deciphering it with their private key.
This is why it is mandatory that a public key is either given to you personally or authorized by a certificate authority.

Kismet, an 802.11 Layer2 Wireless Networ...

packetsniffer — Tue, 05 May 2009 08:51:54 +0200

What is Kismet

Kismet is an 802.11 layer2 wireless network detector, packet sniffer , and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, 802.11n, and 802.11g traffic (devices and drivers permitting). Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of non-beaconing networks via data traffic.

Feature Overview

Kismet has many features useful in different situations for monitoring wireless networks:

- Ethereal/Tcpdump compatible data logging

- Airsnort compatible weak-iv packet logging

- Network IP range detection

- Built-in channel hopping and multicard split channel hopping

- Hidden network SSID decloaking

- Graphical mapping of networks

- Client/Server architecture allows multiple clients to view a single Kismet server simultaneously

- Manufacturer and model identification of access points and clients

- Detection of known default access point configurations

- Runtime decoding of WEP packets for known networks

- Named pipe output for integration with other tools, such as a layer3 IDS like Snort

- Multiplexing of multiple simultaneous capture sources on a single Kismet instance

- Distributed remote drone sniffing

- XML output

Typical Uses

Common applications Kismet is useful for:

- Wardriving: Mobile detection of wireless networks, logging and mapping of network location, WEP, etc.

- Site survey: Monitoring and graphing signal strength and location.

- Distributed IDS: Multiple Remote Drone sniffers distributed throughout an installation monitored by a single server, possibly combined with a layer3 IDS like Snort.

- Rogue AP Detection: Stationary or mobile sniffers to enforce site policy against rogue access points.

Download

Kismet can be downloaded here

What Can Hackers Do with Packet Sniffer

packetsniffer — Thu, 23 Apr 2009 10:06:24 +0200

What Can Hackers Do with a Packet Sniffer?

A packet sniffer in the wrong hands is a deadly weapon. A packet sniffer is a real danger because it is a very powerful and difficult to detect tool Security breaches of all kinds are reported all the time. Everyday we hear of hackers who managed to steal sensitive data, of people who become victims of identity theft, etc. Very often the breaches are so incredible that you wonder if hackers have supernatural powers. Well, hackers hardly have supernatural powers but they don't need them –supernatural powers are not necessary when a networklacks security and one has the right tools to break in.

Hackers Can Monitor Networks With a Packet Sniffer

The tools hackers use to break into networks are more or les s the same tools network admins use to monitor and maintain their network with . For example, packet sniffers are among the tools hackers love most. A packet sniffer captures packets and shows you their contents.This means that with the help of a packet sniffer running somewhere into the network, hackers can monitor all the unencrypted traffic to and from this network.

This is really scary – just imagine a malicious hacker who knows all the secrets of your company. It gets even more dangerous for networks, where hubs (and not switches) are used because in this case a packet sniffer can be installed on any computer and the hacker will monitor all the traffic in that segment, not only the traffic to and from the host. The good news is that hubs are almost out of use today and because of that hackers can do less damage with a packet sniffer.

Hackers Can Obtain Passwords and Credit Card Numbers With a Packet Sniffer

When a hacker uses a packet sniffer to monitor your network, this is not nice but when he or she steals passwords, credit card numbers and other types of sensitive data, this is a real danger. Unencrypted passwords, credit card numbers and other sensitive data are an easy target for a hacker with a packet sniffer.

In many of the cases of mass theft of credit card numbers and passwords happen because hackers use a packet sniffer on an unencrypted network. For truth's sake, it is important to mention that even if all the traffic is encrypted, there are still many other ways to obtain sensitive data. But when the traffic over a network is not encrypted and nobody monitors the network for unauthorized packet sniffers, sooner or later data will be stolen.

One of the greatest achievements for hackers with a packet sniffer is to capture the administrator's password. When the administrator's password is transmitted over the network in an unencrypted form, this is an easy target for hackers. If hackers manage to intercept the admin password, they have the power to do everything they want to on your network – delete data, modify data, etc. So, do you see why hackers don't need supernatural powers but only the admin password?

About Colasoft
Ever since 2001, Colasoft has been an innovative provider of all-in-one and easy-to-use network analyzer software for network administrators and IT managers to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Up to now, more than 5000 customers in over 70 countries trust the flagship product – Capsa as their network monitoring and troubleshooting solution. Colasoft also offers four free network utilities : Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more about Colasoft and its solutions, please visit http://www.colasoft.com/.

Top 5 Items IT Department Must Do

packetsniffer — Mon, 20 Apr 2009 08:40:07 +0200

Even though it is a basic economic fact that recessions happen once or twice in a decade, when the economy is in a good shape, like it was a couple of years ago, people, including IT managers, tend to forget that the summer will be over and hard times will come soon. On the other hand, recessions might be bad but the current one is certainly worse than many of the ones before. Actually, this is the worst recession since the Great Depression in the 1930s and even the most optimistically-minded managers have really serious reasons to fear and be cautious.

We can't say that the recession took us by surprise but certainly we didn't expect it to be that fierce. However, recession or no recession, life must go on and if a company wants to make it, there are many things which can't be skipped. So, no matter that IT budgets are tight, there are items a company can't save on. Here are the top 5 items our IT department will not sacrifice:

1, Network security and security in general . Being in the network security business themselves, we know that network security and security in general is paramount and no matter how hard the economic situation might be, this is not an item to save on because the price is too high. Certainly, we are not buying the most expensive solutions, even though they are incredibly great but we also do not make compromises with the quality either.

2, Going green. Going green is also an item we can't skip. Green technology saves money and now this benefit is more important than ever. So, if we buy new IT stuff, we definitely go for the green items.

3, Compliance. Regulations compliance is another item we can't afford to skip, unless we really want to go out of business (and we don't). So, when there are steps in this direction to be taken, we do them – no way!

4, Training. Training is also important and even though our training budget has shrunk, we still try to keep our staff qualified.

5, Outsourcing. Outsourcing has been a successful strategy for our company at all times and now, when money issues start to surface, we are happy that outsourcing helps us cut cost with no sacrifice of quality.

Kevin Chou is Author of this article from www.Colasoft.com .

About Colasoft Co., Ltd.
Ever since 2001, Colasoft has been dedicated in providing all-in-one and easy-to-use Packet Sniffer software for network administrators and IT managers to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Up to now, more than 5000 customers in over 70 countries trust the flagship product – Colasoft Packet Sniffer as their network monitoring and troubleshooting solution. Colasoft also offers four free network utilities: Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more about Colasoft and its solutions, please visit http://www.colasoft.com/ .

Packet Sniffer, Basic Tool for Network A...

packetsniffer — Thu, 16 Apr 2009 10:55:35 +0200

Packet sniffers are a valuable tool for both network administrators and hackers. There are many packet sniffers on the market and one of the most sophisticated is the packet sniffer from Colasoft

Packet sniffers are one of the best tools a network administrator has at his or her disposal to analyze network traffic and to troubleshoot problems. On the other hand, when a Packet sniffer is in the wrong hands – i.e. hackers use it – this can cause quite a lot of damage to a company or an individual, especially if the victim hasn't taken the required protective measures. You see, as with many things in life, packet sniffers can be a great tool to maintain a network, yet they can be very destructive, if misused.

Packet sniffers are very common, choose a best packet sniffer for you. There are many packet sniffers on the market and they range from free, to cheap, to expensive, from very simple, to advanced, to packed with features. Each type of packet sniffers has its purposes and if you need a simple tool for quick results on a small network, you don't have to buy the most expensive packet sniffers, no matter that they have tons of features. But in reality, if you need a packet sniffer for professional use, low-end sniffers are not the answer and you need something more sophisticated, for example Colasoft Network Analyzer. Colasoft Network Analyzer is built around packet sniffing but includes many other useful features as well.

As any other packet sniffer, the packet sniffer from Colasoft, intercepts and logs traffic, transmitted within a network (or a network segment). A packet sniffer can be really invisible because it monitors the network (almost) unobtrusively. Since a packet sniffer just sniffs the packets without modifying them, it doesn't cause disturbances to alert the administrator that something is going on. Unless the administrator doesn't run an anti-sniffer, the traffic can be eavesdropped and nobody will know about it.

Of course, a good network administrator knows how to detect a packet sniffer, so if you plan to get Colasoft packet sniffer and use it in a malicious way, don't expect that this will go unnoticed. The packet sniffer in the Colasoft Network Analyzer is not stealth but since anyway Colasoft Network Analyzer is intended for network troubleshooting, not network hacking, there is no reason to worry that the packet sniffer is not hidden. When a network administrator uses a packet sniffer in order to legitimately monitor network traffic, he or she doesn't need cover.

One of the most important features of a packet sniffer is the protocols it can sniff. In this aspect Colasoft Network Analyzer is an unbeaten packet sniffer because it can monitor over 300 protocols. Colasoft knows that when the packets of major protocols are not captured, this gives a wrong impression about the traffic in the network and that is why Colasoft Network Analyzer supports so many protocols. And no, the protocols Colasoft Network Analyzer can sniff are not exotic ones – they are protocols used frequently in networks.

Additionally, new and new protocols are added to the packet sniffer from Colasoft, so even if your network uses some really rare protocols, which are currently not supported by Colasoft Network Analyzer, they could be added in the future. Well, if you expect that the packet sniffer from Colasoft will sniff encrypted traffic, this will not happen because no packet sniffer can do it!