FREE: Network Monitor – a free network protocol analyzer
By Michael Pietroforte | 3 Comments | Permalink | Trackback | Previous | NextUpdate: Network Monitor 3.1 is available now.
I just played with Network Monitor 3.0 , Microsoft’s network sniffer. It is certainly a major improvement over its predecessor. It has a completely new user interface and many new features.
Did you ever try Network Monitor 2.1 that comes with Windows Server 2003 SP1? You can install it from the CD as an additional Windows component. I tried it once for about 3 minutes and then uninstalled it again.
Network Monitor 3 is different. The tool is easy-to-use and has most features a system administrator needs. I didn’t have to read any manual in order to use the tool. This is different compared to more prominent tools like Wireshark. You also don’t have to install WinPcap first.
Another thing I like is that you can analyze multiple networks simultaneously if you have more than one network card installed. You can even run multiple simultaneous capture sessions. The output of the tool is clearly arranged and easy-to-read.
Network Monitor 3.0 supports two different kinds of filters, a capture filter and a display filter. Applying a filter is very easy. To display only packets which belong to a certain protocol, you just have to type the protocol name. For example, if you want to see DNS packets only, you enter “DNS” in the filter field. There are lots of predefined filters for a more complex analysis. Network Monitor loads the corresponding commands in the filter window where you can edit them to create your own filter.
Advanced users can write their own protocol parser. This feature is probably only for developers, though. Parsers for most important protocols are already included.
The Beta 2 of Network Monitor 3.0 lacks any means for statistical analysis. If you need this, you should get Wireshark or Omnipeek. Both tools are more powerful than Network Monitor. In my view, however, they are too complex for the average administrator.
My favourite network analyzing tool is still Smartsniff, though. It is as easy to use as Network Monitor. Its advantage is that it is a stand-alone-application. Thus, you can run it from an USB stick without installing it.
Network Monitor
(4 votes, average: 4.25 out of 5)
Loading ...
Leave a Comment | 
Subscribe RSS
| 
Newsletter
an easy way to get Netmon 3.0 .. ? I did yesterday walk through tons of microsoft web pages.. don’t want to go through this again. it’s a pain
i have netmon 2.1.
Thanks
Did you try Microsoft Connect? I just checked it now and it is still there.
Nice post, you tell the various tools for snnif and capture, now rest a descryptographal kit for implement a complete network
Tnx;)