Network Traffic Analysis and Packet Sniffing Using UDP

Network Monitoring and Analysis by Packet Sniffing Method

Today, computer networks are growing in size very rapidly. The number of users has increased in the past few years and traffic flows in networks have also increased, so it is very important to monitor network traffic as well as users' activities to keep the network smooth and efficient. For a complex network it is a very tough task to maintain and monitor the network, because of the large amount of data available. For this purpose packet sniffing is used. Packet sniffing is important in network monitoring to watch network activities, which helps network administrators to find problems. This paper focuses on packet sniffers working in different environments, the behavior of already existing sniffers, and their problems and challenges while performing sniffing. To accomplish the monitoring task, a tool is developed which will remove the deficiencies of existing tools. By using this packet sniffer we can capture traffic as well as analyze the captured traffic. We can generate reports on the basis of the analyzed traffic. Many protocols such as TCP, IP, UDP etc. are implemented, and filtering on the basis of protocol is also done. Alerts are generated on the occurrence of suspected activities.

Transmitting and Tracking Packets of Data Through the TCP and UDP Network Protocols

Jeanna Matthews, 2003

The Internet is rapidly becoming the most widely used method of connection. The two main protocols used for data transfer on the Internet are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). Our research is one of the most exhaustive studies comparing the two protocols on many different types of network connections.

Packet Sniffer – A Comparative Study

2014

A packet sniffer is a tool which captures all the packets on the network irrespective of the final destination of the packet. A packet sniffer could be used to monitor the bottlenecks in the network, raise alarms on irregular behaviour in the network, and capture passwords and VoIP from any system in that network. This paper gives a brief introduction to what a packet sniffer is, its structure and how it works. Then key features of top packet sniffing tools (i.e. Wireshark, TCPdump and Colasoft Capsa) are discussed. Further, the above tools are compared on the basis of characteristic behaviour and quantitative parameters. Finally, one gets the best tool amongst these three in a particular situation.

An Insight in to Network Traffic Analysis using Packet Sniffer

Slowdown in network performance can cause serious concern to network analysts, leading to loss of resources. Such cases are not easy to deal with, due to the lack of time and resources available. Lack of awareness about appropriate tools which detect the attacks, or not knowing exactly why a loss in network performance is occurring, are some other factors. Connectivity loss or shutting down of terminals within the network for unknown reasons are among the other problems. Mostly, the cause of these problems cannot be detected accurately and is attributed to poor network architecture, such as inefficiently configured broadcast storms, spanning tree, usage of unsuitable routing protocols within the network domain, redundant links etc. However, sometimes the cause could be attacks by unknown third parties that try to put the web server out of service by means of a DoS (Denial of Service) attack, sending traffic with a poisoned ARP in an attempt to discover hosts to infect, or by simply infecting ports with malware to form part of an alien network or botnet. In all these cases, knowing the source of the attack is the first step towards taking appropriate action and achieving correct protection. That is when packet sniffers can be extremely useful to detect, analyze and map traffic. Such packet sniffers identify threats to the network and limit their harmful consequences.

ONLINE NETWORK MONITORING AND PACKET TRAFFIC ANALYSIS USING SNIFFER APPLICATION

2022

Network analysis is the process of capturing network traffic and inspecting it closely to determine what happened on the network. The data packets of popular protocols are decoded by a network analyzer, which then shows the network traffic in readable format. A sniffer is a program that keeps track of data as it travels across a network. This study aims at the design and development of virtual real-time intranet network monitoring using packet sniffing, to provide accurate evidence on corporate fraud when an investigation is being carried out in an organization. These network analyzers convert raw binary data into human-readable format, which helps to analyze the network. The methodology adopted and implemented was the Object Oriented Analysis and Design Methodology (OOADM). C# with SQL was used as a programming language to develop this system.

Network traffic analysis and intrusion detection using packet sniffer

2010

Computer software that can intercept and log traffic passing over a digital network or part of a network is better known as a packet sniffer. The sniffer captures these packets by setting the NIC in promiscuous mode and eventually decodes them. The decoded information can be used in any way depending upon the intention of the person who decodes the data (i.e. malicious or beneficial purpose). Depending on the network structure one can sniff all or just parts of the traffic from a single machine within the network. However, there are some methods to avoid traffic narrowing by switches to gain access to traffic from other systems on the network. This paper focuses on the basics of the packet sniffer and its working, development of the tool on the Linux platform and its use for intrusion detection. It also discusses ways to detect the presence of such software on the network and to handle it in an efficient way. Focus has also been laid on analyzing the bottleneck scenario arising in the network, using this self-developed packet sniffer. Before the development of this indigenous software, minute observation was made of the working behavior of already existing sniffer software such as Wireshark (formerly known as Ethereal), tcpdump, and Snort, which serve as the base for the development of our sniffer software. For the capture of the packets, a library known as libpcap has been used. The development of such software gives the developer a chance to incorporate additional features that are not in the existing ones.

Monitoring and Analysis of Data Packets Using Data Stream Management System

2008

This paper introduces the monitoring of network packets, which we will show differs substantially from conventional DBMS analysis. In many real-world applications, data is not stored in one place (as in a conventional DBMS); i.e. in this model, data does not take the form of persistent relations, but rather arrives in multiple, continuous, rapid, time-varying data streams. Almost all traffic analysis tasks also fall under this category, as the data flows in bursts of streams. The huge amount of data that has to be managed and analyzed, together with the fact that many different analysis tasks are performed over a small set of different network trace formats, motivates us to study whether data stream management systems (DSMSs) might be useful for developing network traffic analysis tools.