Brief details about the Sniff'em

New Promotion for Sniff-em™! · Academic licenses : up to -25% · Private licenses : up to -25% · Business licenses : up to-45%

What Windows versions are supported ?
Sniff'em™ is compatible with Windows 95,Windows 98,Windows ME, Windows NT and Windows 2000 and Windows XP.

Which network adapters are supported by Sniffem™ ?
Sniff'em™ supports every Network adapter that can be put into promiscuous mode, promiscuous mode is is an standard requirement for Network Adapters. Sniff'em ™ does support nearly all devices, this does include USB devices and WiFi (Wireless) equipment.

Other new feautres in version 1.12? Version 1.12 is a major but nonetheless free upgrade : · Internal string handling routines speed up by 300% · Various bug fixes. · Threading code redone from scratch for speed and stability. · PPPOE decapsulation, IPX, Ethernet II frames support added. · Windows XP support. · Dialup compability for Windows XP, 2000, NT4 added. · Full NDIS 5.x support. This includes Wireless devices. · Bufferdecoding completely redone and enhanced. · Action Filters (Exectue applications, Netmessage) · New: Address Book, Schedules, checksums on logfiles. · Much more.

What Protocols and Ethernet codes is Sniff'em™ able to detect ?
Sniff'em ™ detects a wide range of low-level protocols as well as high-level protocols such as IP protocols. Real-time Ethernet fingerprinting is supported aswell with over 4700 fingerprints in the database..

All protocols can be easily added or changed by using a graphical interface inside the settings dialog; besides decoding an entire range of protocols, Sniff'em ™ does currently advanced decoding of Netbios and DNS packets.

Why should I/we choose Sniff'em™ over other Network Packet Sniffers ?
Sniff'em ™ has been designed to redefine the way data analysis and data displayal is being done today. This however has been done keeping the price as competitive as possible, some Network sniffer with the same functionality as Sniff'em ™ are priced from 900$ up to 3000$ some even higher. It is your choice, you are free to download and test Sniff'em ™ and it's current capabilities, then decide if these other Packet sniffer are still worth their money. Read what other persons and the International Press thinks about Sniff'em ™.

We are flexible.
We are not a multi-million dollar company, we are very flexible and will listen to your needs and suggestions, if you would like to see a special feature or a special protocol added to Sniff'em ™, simply let us know.

More Information ?
A brief introduction into the world of Sniff'em ™ is available as a Whitepaper (PDF, HTML)
Excerpts : [Technical Introduction] [Graphical User Interface] [Filter Facility] [Generalities]
Viewlets: [ Sniff'em beginner crash course ]

Why use a Packet sniffer ?
There are several uses whether you are a Programmer, Network Administrator, or Normal User. Reasons to use a Packet Sniffer are numerous, Sniff'em ™ is such a versatile Program it can be used for (among others) : debugging, fault analysis, network protocol analysis, data stream filtering, network intrusion detection, monitoring, traffic measuring, forensic log creation and much more.

Programmer
Check the packets your program is trying to send
How often did you come across problems related to wrong syntaxing of http requests or pop3, ftp commands ? With Sniff'em ™ you can spot these types of errors immediately, eventually you will even notice that the TCP packet you forged (using raw sockets c++ as example) isn't even send out because you computed the wrong CRC value.

Administrator
Log Traffic
The logging capability of Sniff'em ™ is of great flexibility, Sniff'em ™ will dynamically create a tree structured directory, sort the content by Date, Month,Year, Time and dump the appropriate log files in the dynamically assigned Directory. These Logfiles can be encrypted, compressed, fingerprinted and can taken as Tamper resistant proof whenever needed.

Network Intrusion Detection System
The filtering system of Sniff'em™ is of a high degree of flexibility, you can virtually filter every aspect of raw packets (Source Port, Destination Port, Mac Source Address, MAC destination, Source IP, Destination IP, Size and even the state of an TCP session (SYN, RST, FYN). Amongst other features this enables you to create important logs of hack or crack attempts along with proof of suspicious Traffic. Additionally Sniff'em ™ has an special mode entitled >>Trigger mode<< which will start to capture and log the network traffic when a specific previously defined packet hits the network.

Example : USER Joe logs into the network using plain text Telnet, the Filter being set to trigger on an Packet to port 23 containing JOE, Sniff'em™ will log every packet which is being send and received from that point on.

Spot Network configuration errors
As primarily designed for, Sniff'em™ will also enable you to spot Network configuration errors by analyzing the data stream and generated Error response packets.

Private User
Monitoring of Internet usage.
Need to watch what your child/mate/partner is doing on the Internet? Setup Sniff'em™ on the main Network segment and start automatic logging and you will be able to capture everything that travels thorough that segment, e-mail messages, webpages, clear-text passwords and much more. Tools like Evidence Eliminator ™ are simply useless against this type of monitoring.
(Notice : In some countries monitoring without prior agreement/notice is illegal)

Detection of Privacy violations by "Adware" or "Spyware".
Are you suspicious about your Privacy ? Want to control WHAT and WHEN is send out from your computer ? Then Sniff'em™ is the tool you'll need. Sniff'em™ enables you to immediately watch and inspect the packets as they travel through your Network. Spyware, Adware can be spotted quite easily with Sniff'em™.

Learn
A side-effect of using Sniff'em™ is that you will learn and comprehend how the Internet is build up and how Protocols do work. You can spot and dissect DNS requests, understand the ping (ICMP) protocol, the more you'll work with Sniff'em the more insight to networking you'll get.

Is the term "Packet Sniffer" Trademarked ?
Quoting : Sniffing-faq
The word "SNIFFER" is a registered trademark by Network Associates referring to the "Sniffer(r) Network Analyzer". However, the term "sniff" is used in many other products and the term "sniffer" is more popular in everyday usage than alternatives like "protocol analyzer" or "network analyzer".