• Technical
  • My adapter does not show up in the Settings and I am unable to choose it. What am I doing wrong ?
  • Why does the trial version not display incoming data?
  • What is a ICMP packet?
  • "eth?.xis file is missing" Error message.
    
• GUI
  • Detailed Packetview is always uncollapsed I manually have to collapse the Treeview everytime I change the Packet entry.
    
• Misc
  
  • How can I manage Filters to exclude certain protocols as selecting exactly those I want is proportional more work ?
  • Next version of Sniffem? When can we expect another version to come out?

I wanted to setup Sniff'em and start sniffing but my adapter got not listed. What went wrong ?

This can have multiple reasons :

1. Sniff'em does not support your adapter 99% of network adapters are supported by Sniff'em. Only those of which can't be set in promiscious mode can't be used by Sniff'em.
2. You are using Windows XP Currently we do not support XP. XP compability will be introduced in the near future.
3. You are not logged in as Admin Administrator access is needed on NT/2000 to successfuly use Sniff'em.

IMPORTANT :If 2 and 3 are not apllicable to you, please send more information (Adapter,OS) to dev@sniff-em.com and we will have a look at it.

How can I manage Filters to exclude certain protocols as selecting exactly those I want is proportional more work ?

See the EXCLUDE/INCLUDE information in the Filter Section

Why does the trial version not display incoming data? What is the point of offering a trial version that is basically unusable? Only displaying outgoing traffic seems like a very strong limitation that in my view prevents any real usefullness.

Your question is understandable, that's why we offer a 30-day Fullduplex trial version to anybody who is interested, such a demo can be requested by sending a mail to demo@sniff-em.com

What is a ICMP packet?

From RFC792:
The Internet Protocol [IP] is not designed to be absolutely reliable. The purpose of these control messages [ICMP] is to provide feedback about problems in the communication environment, not to make IP reliable.
There are still no guarantees that a datagram will be delivered or a control message will be returned. Some datagrams may still be undelivered without any report of their loss. The higher level protocols that use IP [TCP] must implement their own reliability procedures if reliable communication is required.
The ICMP messages typically report errors in the processing of datagrams. To avoid the infinite regress of messages about messages etc., no ICMP messages are sent about ICMP messages. Also ICMP messages are only sent about errors in handling fragment zero of fragemented datagrams. (Fragment zero has the fragment offeset equal zero).
More information : ICMP Protocol

"eth?.xis file is missing" Error message.

eth?.xis were files used by the BETA version of Sniff'em. Please download the Final version and your Problem should be corrected

I manually have to collapse the Treeview everytime I change the Packet entry.

Use the double plus (++) at the Top of the Treeview window, this will always keep the treeview collapsed.

When can we expect another version to come out?

At the time this question has been asked Sniff'em was only 1month "old". Rest assured that we will continously update Sniff'em by enhancing and optimising current features. The next version is to be out soon and Clients who purchased their copy will be send notification letters prior to the release on the Website.

You have a question not answered here ? Contact Support.