Packet Capture

Discussion in 'Java' started by Captain Blammo, Nov 4, 2004.

  1. I was wanting to write a little network monitoring tool that will sit on my
    network in promiscuous mode and gather stats from a few application layer
    protocols. I'd want to keep tabs on how many connections are set up, as well
    as things like how many HTTP requests go back and forth (maybe even what
    type of resource is requested).

    I'm quite new to the more in-depth aspects of networking, and was wondering
    what package anyone would recommend for doing this. I'm currently looking at
    Jpcap (http://sourceforge.net/projects/jpcap). If anyone knows of a good
    reason to use/not use it, or has any alternate recommendations, they'd be
    greatly appreciated. It seems to be more than capable doing what I want, but
    I'm not sure if it is, or if there's something better suited to my needs out
    there.

    Ewan
     
    Captain Blammo, Nov 4, 2004
    #1
    1. Advertising

  2. On Thu, 04 Nov 2004 18:49:37 GMT, Captain Blammo wrote:
    > I was wanting to write a little network monitoring tool that will
    > sit on my network in promiscuous mode and gather stats from a few
    > application layer protocols. I'd want to keep tabs on how many
    > connections are set up, as well as things like how many HTTP
    > requests go back and forth (maybe even what type of resource is
    > requested).
    >
    > I'm quite new to the more in-depth aspects of networking, and was
    > wondering what package anyone would recommend for doing this. I'm
    > currently looking at Jpcap (http://sourceforge.net/projects/jpcap).
    > If anyone knows of a good reason to use/not use it, or has any
    > alternate recommendations, they'd be greatly appreciated. It seems
    > to be more than capable doing what I want, but I'm not sure if it
    > is, or if there's something better suited to my needs out there.


    Jpcap provides a Java binding to libpcap (package capture library) as
    well as a visualisation tool. Similar tools like Ethereal and Tcpdump
    (and probably any other packet capture tools you'll find) are all
    based on libpcap, and differ mainly in presentation.

    If you want to write your tool in Java, then Jpcap is probably the way
    to go. Otherwise, Ethereal has a plugin architecture that lets you add
    funtionality or support for additional protocols. Finally, using
    libpcap directly (from C) isn't all that difficult if you want to
    write a specialized tool.

    Also realize that in a switched network, you can only see broadcast
    traffic and traffic specifically to and from your host. Most likely
    you won't be able to collect data for several servers from a single
    location unless you can use a mirroring switch or a hub.

    That said, it might be easier to collect http statistics from the web
    server software itself (although I don't have any concrete suggestions
    here). On the other hand, if you're talking about monitoring your own
    use of (other) web servers, a web proxy might be a more suitable
    solution.

    /gordon

    --
    [ do not email me copies of your followups ]
    g o r d o n + n e w s @ b a l d e r 1 3 . s e
     
    Gordon Beaton, Nov 5, 2004
    #2
    1. Advertising

  3. > If you want to write your tool in Java, then Jpcap is probably the way
    > to go. Otherwise, Ethereal has a plugin architecture that lets you add
    > funtionality or support for additional protocols. Finally, using
    > libpcap directly (from C) isn't all that difficult if you want to
    > write a specialized tool.

    <snip>

    I do indeed want to write my own tool, as much for learning purposes as
    anything else. Thanks for the advice, I guess I'll be using Jpcap.

    Ewan
     
    Captain Blammo, Nov 8, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Vladimir Shishkovsky

    Packet Capture and Account Class

    Vladimir Shishkovsky, Jun 22, 2004, in forum: C++
    Replies:
    0
    Views:
    309
    Vladimir Shishkovsky
    Jun 22, 2004
  2. Pieter Claassen

    pointer arithmetic and packet capture

    Pieter Claassen, Aug 5, 2004, in forum: C Programming
    Replies:
    1
    Views:
    260
    Eric Sosman
    Aug 5, 2004
  3. pmm

    about UDP packet capture error

    pmm, May 9, 2006, in forum: C Programming
    Replies:
    5
    Views:
    339
  4. Li Han
    Replies:
    2
    Views:
    509
    bobicanprogram
    Feb 9, 2009
  5. Gelonida N
    Replies:
    4
    Views:
    893
    Gelonida N
    Sep 11, 2011
Loading...

Share This Page