I am having trouble integrating two products, one of which is mine, and they appear not to be talking. So I want to make sure they are communicating correctly. I had a look around for a network monitor and found TCP Spy. This works but only shows 1 side of the conversation at a time (it has to run locally). I would ideally like to see both sides at the same time - but you can't run two copies of TCP Spy.

I've hit Sourceforge, but nothing seems to jump out - I'm a Windows developer, I don't have perl installed.

I've found a couple of others which are cripple-ware and totally useless, so I was wondering what do the SO guys use for watching the TCP conversation?

BTW - the 'not-written-here' product is not a browser.

+4  A: 

I'm not sure if it does everything you want, but have you seen Wireshark and the Microsoft Network Monitor?

Thomas Owens
+4  A: 

Wireshark (previously Ethereal)

Wireshark is an award-winning network protocol analyzer developed by an international team of networking experts.

saniul
+4  A: 

I use Wireshark. Very good and free.

Magnus Westin
+4  A: 

Would Wireshark (formerly Ethereal) help?

Echo.....echo......echo.... :)

Chris Karcher
+19  A: 

Wireshark is a really good and mature network sniffer. It's been around for years.

  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis
  • Output can be exported to XML, PostScript®, CSV, or plain text

Ryan Doherty
+3  A: 

Wireshark, aka Ethereal, comes with a fair amount of TCP sniffing functionality.

http://www.wireshark.org/

izb
A: 

Strange that I did not see Wireshark when I visited SourceForge. The top result of the 60 returned was a bizarre German thing.

graham.reeds
A: 

Wireshark is great, but another option would be via PowerShell. I've used the Get-Packet script from Jeff Hicks at Sapien Technologies as a really lightweight packet sniffer. You get custom objects representing your packets and can do whatever filtering you need to via PowerShell. The other script in the pair is Analyze-Packet, which can summarize the results of a packet capture.

Steven Murawski
A: 

I tried Wireshark and Microsoft Network Monitor, but neither detected my (and the program I am trying to communicate with) transfer. If I had a day to sit and configure it I probably could get it working but I just wanted the bytes sent and, more specifically, bytes received.

In the end I found HHD Software's Accurate Network Monitor software, which did what I wanted it to, even if it was slightly clunky.

graham.reeds
When you say it didn't detect it, do you really mean you were collecting everything and the packet you wanted wasn't there? I find that hard to believe. It doesn't need any configuration, it just works. Getting a sensible filter so it gets what you want and not loads of other crap is harder!
Mark Baker
A: 

Take a look at Tcpdump. It is not a full-fledged GUI network analyzer (not at all) but it is usable in scripts. Since I am more a Linux person, I use it with Bash and Python, but you should be able to call it from PowerShell.

edomaur
We use "tcpdump -s 0 -w tracefile" all the time on customer systems to get traces we can then take home and analyse with Wireshark
Mark Baker
(actually we also need a "-i bond0" option on it or it defaults to eth0 and only gets some of the traffic)
Mark Baker
+1  A: 

With respect to using Windows and lacking Perl: Why not try Strawberry Perl? It's a free Perl distribution that's run by the Perl community (specifically Adam Kennedy at the core), is easy to install, and wields the full power of CPAN out of the box.

tsee