I am having trouble integrating two products, one of which is mine, and they appear not to be talking. So I want to make sure they are communicating correctly. I had a look around for a network monitor and found TCP Spy. This works but only shows 1 side of the conversation at a time (it has to run locally). I would ideally like to see both sides at the same time - but you can't run two copies of TCP Spy.
I've hit SourceForge, but nothing seems to jump out - I'm a Windows developer, I don't have Perl installed.
I've found a couple of others which are cripple-ware and totally useless, so I was wondering what do the SO guys use for watching the TCP conversation?
BTW - the 'not-written-here' product is not a browser.
Wireshark is a really good and mature network sniffer. It's been around for years.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
I'm not sure if it does everything you want, but have you seen Wireshark and the Microsoft Network Monitor?
Wireshark (previously Ethereal)
Wireshark is an award-winning network protocol analyzer developed by an international team of networking experts.
I use Wireshark. Very good and free.
Wireshark, aka Ethereal, comes with a fair amount of TCP sniffing functionality.
http://www.wireshark.org/
With respect to using Windows and lacking Perl: Why not try Strawberry Perl? It's a free Perl distribution that's run by the Perl community (specifically Adam Kennedy at the core), is easy to install, and wields the full power of CPAN out of the box.
Strange that I did not see Wireshark when I visited SourceForge. The top result of the 60 returned was a bizarre German thing.
Wireshark is great, but another option would be via PowerShell. I've used the Get-Packet script from Jeff Hicks at Sapien Technologies as a really lightweight packet sniffer. You get custom objects representing your packets and can do whatever filtering you need to via PowerShell. The other script in the pair is Analyze-Packet, which can summarize the results of a packet capture.
I tried Wireshark and Microsoft Network Monitor, but neither detected my (and the program I am trying to communicate with) transfer. If I had a day to sit and configure it I probably could get it working, but I just wanted the bytes sent and, more specifically, bytes received.
In the end I found HHD Software's Accurate Network Monitor software, which did what I wanted it to, even if it was slightly clunky.
Take a look at Tcpdump. It is not a full-fledged GUI network analyzer (not at all), but it is usable in scripts. Since I am more a Linux person, I use it with Bash and Python, but you should be able to call it from PowerShell.
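An added example, not part of any answer on this page: the last answer notes that tcpdump is usable from scripts, and the question asks for the bytes sent and received by both sides. This Python script reads a classic pcap file (the format `tcpdump -w` writes) and lists each TCP payload with its direction. The sample capture, addresses and ports are constructed for illustration, and only Ethernet/IPv4 captures are handled.

```python
import struct

def tcp_payloads(pcap: bytes):
    """Yield (src, dst, payload) for each data-carrying IPv4/TCP segment in a classic pcap."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    off = 24                                    # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len                    # 16-byte record header + captured bytes
        if len(frame) < 54 or frame[12:14] != b"\x08\x00":
            continue                            # truncated frame or not IPv4
        ip = frame[14:]
        if ip[0] >> 4 != 4 or ip[9] != 6:
            continue                            # not TCP
        total_len = struct.unpack("!H", ip[2:4])[0]
        tcp = ip[(ip[0] & 0x0F) * 4:total_len]  # total_len trims Ethernet padding
        if len(tcp) < 20:
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        data = tcp[(tcp[12] >> 4) * 4:]         # skip TCP header and options
        if data:                                # ignore bare SYN/ACK/FIN segments
            src = "%s:%d" % (".".join(map(str, ip[12:16])), sport)
            dst = "%s:%d" % (".".join(map(str, ip[16:20])), dport)
            yield src, dst, data

def _frame(src, dst, sport, dport, payload):
    """Build one constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes(src), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload

def sample_pcap():
    """Constructed capture: a request, a reply, and one empty ACK."""
    a, b = (10, 0, 0, 1), (10, 0, 0, 2)
    frames = [_frame(a, b, 50000, 9000, b"HELLO\r\n"),
              _frame(b, a, 9000, 50000, b"OK\r\n"),
              _frame(a, b, 50000, 9000, b"")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for src, dst, data in tcp_payloads(sample_pcap()):
        print(f"{src} -> {dst}  {len(data)} bytes  {data!r}")
```

To use it on a real capture, pass the bytes of the file to `tcp_payloads` instead of `sample_pcap()`.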