Menu
interested in any comments anyone has around the various .net tools which can be used for passive packet capture. In terms of winpcap the choice seems to be between pcap.net and sharppcap. Another potential offering is Microsoft's NetworkMonitor and I am sure there are others as well.
I have used ethereal/wireshark as a diagnostic tool occasionally over the years but that is the limit of my knowledge. I'm looking to automate the capture process and subsequent diagnostic processing. I am tending towards pcap.net at the moment but would like to hear from anyone who has used two or more of these tools and whether they'd recommend one over another. My preference would be for the simplest interface/shallowest learning curve. Please let me know your thoughts.
Thanks Patrick
640
SharpPcap is a cross-platform(Windows, Mac, Linux) packet capture framework for the . NET environment. It provides an API for capturing, injecting, analyzing and building packets using any . NET language such as C# and VB.NET. Product.
Zeek uses the standard libpcap library for capturing packets to be used in network monitoring and analysis.
What is a PCAP file? PCAP files are data files created using a program. These files contain packet data of a network and are used to analyze the network characteristics. They also contribute to controlling the network traffic and determining network status.
Well, I've ended up using sharppcap because the dll references required for pcap.net wouldn't load into my project correctly. Expect it was my mistake but the sharppcap reference worked without fuss...
42
If you're willing to use .NET 4 or willing to use older versions of Pcap.Net, it is definitely the choice. Pcap.Net is much more flexible and include many more features and is very easy to use.
Disclosure: I'm a developer in Pcap.Net.
154
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
