Sniff'em™ condensed feature list

General

- Proactively monitor your organization's network traffic and retrace the exact steps of any network user.

- Inform yourself instantly of any hack and infiltration attempts.

- Sniff'em boasts a stunningly easy-to-use, user-friendly interface, designed with productivity in mind.

Decoding
- Sniff'em supports automatic advanced decoding of DNS and NetBIOS packets.

- Buffer decoding (supported: TCP, TELNET, HTTP, POP3, SMTP, AUTH, IRC, DOMAIN, FINGER, FTP, FTP-DATA, ...)

- Detects over 171 high-level protocols.

- The Detailed Packet View decodes [ARP, IP (TCP, UDP, ICMP, IGMP), PPP (PAP, ATCP, BCP, BVCP, CCP, DNCP, ECP, IPCP, IPv6CP, IPXCP, NBFCP, OSINLCP, SDCP, SNACP, XNSCP, BACP, BAP, CHAP, EAP, LCP)] packets and represents them in a structured manner.

Manipulation
- Sniff'em provides many ways to modify packets (within the tree-based Detailed Packet View, on-the-fly editable and browsable PacketView).

- Sniff'em™ allows you to send forged/spoofed packets at a specified rate.

- An easy-to-use, template-based Packet Wizard is implemented to enable simple creation of raw packets.

Log file creation
- Special logging modes aimed at the automatic (no physical assistance needed) logging of ALL (or rule-based filtered) traffic through a given network.

- You may choose between different formats: the compressed proprietary Sniff'em (SEM) format, the human-readable log, the CVS log and HTML logs.

- A special mode entitled "Trigger mode" has been introduced into Sniff'em due to popular demand. This mode enables you to set a specific "Trigger" event which, when it occurs, will launch the logging process. This can easily be used to log suspicious hack attempts as well as to monitor worm activity (Code Red, Nimda...).

- Log files can be organised automatically in specially named folders; those folders are dynamically named and can be specifically "designed" by you.
  (Example: c:\Logs\2001\January\Week1)

Security
- The Sniff'em project files are compressed and encrypted with a proprietary format.

- An Anti-Tamper public/private key fingerprinting mechanism has been built right into Sniff'em (Settings -> Anti-Tamper); this ensures immediate discovery of corrupted or manipulated log files.

Filtering
- A massive amount of time has been put into Sniff'em to allow easy inbound and outbound filtering of packets, be it IP-based, protocol-based (high and low), port-based, content-based, MAC-based or size-based.


Sniff'em™ Graphical User Interface Screenshots

[Screenshot: Main GUI]
[Screenshot: Buffer Decoding]
[Screenshot: Filter Dialog #1]
[Screenshot: Edit Protocols]
[Screenshot: Statistics]
[Screenshot: Packet Wizard]

 