SmartSniff is a network monitoring utility that allows you to capture TCP/IP packets that pass through your network adapter, and view the captured data as sequence of conversations between clients and servers. You can view the TCP/IP conversations in Ascii mode (for text-based protocols, like HTTP, SMTP, POP3 and FTP.) or as hex dump. (for non-text base protocols, like DNS)
SmartSniff provides 3 methods for capturing TCP/IP packets :
1. Raw Sockets (Only for Windows 2000/XP or greater): Allows you to capture TCP/IP packets on your network without installing a capture driver. This method has some limitations and problems.
2. WinPcap Capture Driver: Allows you to capture TCP/IP packets on all Windows operating systems. (Windows 98/ME/NT/2000/XP/2003/Vista) In order to use it, you have to download and install WinPcap Capture Driver from this Web site. (WinPcap is a free open-source capture driver.)
This method is generally the preferred way to capture TCP/IP packets with SmartSniff, and it works better than the Raw Sockets method.
3. Microsoft Network Monitor Driver (Only for Windows 2000/XP/2003): Microsoft provides a free capture driver under Windows 2000/XP/2003 that can be used by SmartSniff, but this driver is not installed by default, and you have to manually install it, by using one of the following options:
* Option 1: Install it from the CD-ROM of Windows 2000/XP according to the instructions in Microsoft Web site
* Option 2 (XP Only) : Download and install the Windows XP Service Pack 2 Support Tools. One of the tools in this package is netcap.exe. When you run this tool in the first time, the Network Monitor Driver will automatically be installed on your system.
SmartSniff can capture TCP/IP packets on any 32-bit Windows operating system (Windows 98/ME/NT/2000/XP) as long as WinPcap capture driver is installed and works properly with your network adapter.
Under Windows 2000/XP (or greater), SmartSniff also allows you to capture TCP/IP packets without installing any capture driver, by using 'Raw Sockets' method. However, this capture method has some limitations and problems:
* Outgoing UDP and ICMP packets are not captured.
* On Windows XP SP1 outgoing packets are not captured at all - Thanks to Microsoft's bug that appeared in SP1 update...
This bug was fixed on SP2 update, but under Vista, Microsoft returned back the outgoing packets bug of XP/SP1.
* On Windows Vista with SP1, only UDP packets are captured. TCP packets are not captured at all.
Changelog for this release:
- Added support for GeoLite City database. You can now download the GeoLite City database (GeoLiteCity.dat.gz), put it in the same folder of smsniff.exe, and SmartSniff will automatically use it to get the country/city information for every IP address.
- Added 'Auto Size Columns+Headers' option, which allows you to automatically resize the columns according to the row values and column headers