It was winter 2006 when Roberto Farah and I started to develop this project out of MS work hours called Network Monitor Wizard. I was very excited with the robustness of nmcap but also a little concern about how many parameters we have to manually input. Then I brought this simple idea to him to create a wizard for nmcap and we called Network Monitor Wizard. This tool can actually assist you in scenarios like the following ones (for example):
· I would like to capture all packets coming from one specific host and stop the capture when this host sent a packet using the TCP port 85.
· I need to capture all packets DNS and HTTP packet and stop the capture only tomorrow.
· …and more…
I know that you can manually do this using nmcap, but you also know that it will be a long command line. This tool actually build the command line in the screen for you. You can either start the capture using the tool or just copy and paste the command line in an email and send to your friend that is asking for that. If you choose to run the command line from the tool a VBS script is created and you can use it again later if you want.
The beta version that we are making available is completely AS IS with no warranties, but we do want to hear your feedback. If you have any comments, please contact myself or Roberto Farah. In the subject type [Network Monitor Wizard Feedback] and type your question in the message field.
In order to run this tool, you need:
· Microsoft Windows XP, 2003 or Vista;
· Microsoft Network Monitor 3.x;
· Microsoft .Net Framework 2 (or higher);
Feel free to download and test it.
Iedereen kent ze wel, de tools van Sysinternals . Mark Russinovich is echter niet de enige Microsofter