Sniff Network Traffic, Capture Files, Images & Web Sessions With York
Network sniffing tools provides system admins with a convenient GUI-based frontend for numerous complex commands which are used to fetch information related to clients’ data send and receive requests. Network sniffers actually do nothing except consistently observe requests being routed through network, so their responses can be sniffed before or after they reach the client PCs. If you’re looking for a tool which not only enables you to log source and destination information and network data size but passwords, files, web sessions, and images as well, try out York.
It is a network traffic sniffing/logging tool which lets you sniff network traffic to view information related to data packets and send and receive requests under a unified interface. Apart from showing logged network traffic, it also allows you to save the sniffed HTTP and FTP files. Just like other advance network sniffing utilities, it can save captured information in PCAP files; you can send PCAP trace files and replay them anytime to further analyze captured network traffic details. York sits in system tray, letting you start and stop capturing of network traffic data and reveal main interface.
Before you click Start, head over to Option window accessible from system tray menu to select your network interface from Network Adapter tab.
Once selected, click Close and hit Info in system tray menu to open main interface. Click Start in toolbar to let York start analyzing the network traffic. All the packets routed through network are shown in Packets tab with timestamps, address 1, address 2, port, and size of data packet info.
In Files tab, you can check source and target location files captured from different client systems.
The Password tab allows user to view user login details captured from network traffic. Similarly, the Web Session and Pictures tab include current web session of connected clients and extracted image thumbnails .
You can flush all entries using Flush option in toolbar. However, by default, it is set to flush after every 1 minute if no activity is recorded. You can lessen this inactivity time from Options window. The Logging window lets you enable/disable Log TCP Packets, Log UDP Packets, Log ICMP packets, and Log NETBIOS packets options, toggle Log and Save HTTP/FTP files and web sessions On/Off and disable log passwords option. The Options tab lets you password protect access to Options window, change entry flush time interval, and set other general options. Finally, the Advanced Options allows you to enable show info for Ethernet, IP, TCP, UDP, ICMP, and other packets options. Here, you can turn saving traffic details in PCAP files On and send PCAP trace file in real time.
York is a lightweight tool that logs web sessions, HTTP and FTP requests, capture files and images, and sniff POP3, SMTP, SMB, VNC, and AIM password and cookies from network traffic without taking too much of system resource. It works on both client and server editions of Windows OS.
Been using this for a while on and off… parkdale is also a great util for benchmarking disk I/O.