|
|
Package description:
The gain of performance is reached by zero-copy mechanisms, so that
the kernel does not need to copy packets from kernelspace to userspace
and vice versa.
For this purpose, the netsniff-ng suite is libpcap independent, but
nevertheless supports the pcap file format for capturing, replaying
and performing offline-analysis of pcap dumps. Furthermore, we are
focussing on building a robust, clean and secure analyzer and utilities
that complete netsniff-ng as a support for network development, debugging
or network reconnaissance.
netsniff-ng consists of much more than only a network analyzer. Next to
the zero-copy sniffer itself, further tools like trafgen, a powerful
zero-copy network packet generator, or ifpps, a tool that provides
top-like kernel networking statistics, are being shipped.
Some use cases and features
- Open source project and free licensing
- Integrated high-performance capabilities
- Analizing and debugging of network problems or protocol implementations
- Reverse engineering of (i.e. proprietary) network protocols
- Dumping, replaying and offline analysis of pcap traces
- Focus on usability, robustness, security and functionality
- Support utility for penetration testing, network reconnaissance
- Network statistic creation (e.g. for Nagios, gnuplot)
- Powerful, flexible and performant traffic generation
- Reliable, top-like kernel networking statistics
|
