NetworkMiner 1.1 Released: Network Forensic Analysis

Source: OSCHINA
Editor: 红薯
2011-09-17

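NetworkMiner is an open-source network forensic analysis tool for Windows, and also a fairly good protocol analysis tool. By sniffing packets or parsing PCAP files, it can detect the operating systems, hostnames and open ports of network hosts. NetworkMiner can also extract files from network traffic.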

NetworkMiner has now been updated to version 1.1. The main changes in the new version are:

    * Extraction of parameters sent to Google Analytics into NetworkMiner’s “Host Details”. These parameters include: screen resolution, color depth, browser language and flash version.
    * You can drag-and-drop one or multiple pcap files onto NetworkMiner.exe to have it start up and begin loading the dropped pcap files. You can also submit your pcap files as arguments from the command line.
    * Multiple SMB/CIFS and NetBIOS improvements, such as support for multiple simultaneous SMB file transfers over the same TCP session as well as support for NetBIOS Session Service keep-alive messages.
    * Added support for Point-to-Point Protocol (PPP) frames in pcap files.
    * Improved stability when loading pcap files. Thanks to psteier for identifying this bug.
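
The first item above (Google Analytics parameters surfaced as host details) can be illustrated with a short passive-analysis sketch. This is an added example, not NetworkMiner's code; it assumes the legacy ga.js `__utm.gif` beacon and its `utmsr`, `utmsc`, `utmul` and `utmfl` query parameters, which the release notes do not name, and it runs over constructed sample requests.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption of this example: legacy ga.js beacon parameter names mapped to
# the four host details the release notes mention.
GA_FIELDS = {
    "utmsr": "Screen resolution",
    "utmsc": "Color depth",
    "utmul": "Browser language",
    "utmfl": "Flash version",
}

def is_ga_host(host):
    """True for google-analytics.com and its subdomains (port stripped)."""
    name = host.split(":")[0].lower()
    return name == "google-analytics.com" or name.endswith(".google-analytics.com")

def ga_host_details(requests):
    """requests: iterable of (client_ip, host_header, request_line) taken from
    reassembled HTTP traffic. Returns {client_ip: {detail label: value}}."""
    hosts = {}
    for client_ip, host, request_line in requests:
        parts = request_line.split(" ")
        if len(parts) != 3 or parts[0] != "GET" or not is_ga_host(host):
            continue
        url = urlsplit(parts[1])
        if url.path != "/__utm.gif":
            continue
        query = parse_qs(url.query)  # also decodes %XX escapes
        details = hosts.setdefault(client_ip, {})
        for param, label in GA_FIELDS.items():
            values = query.get(param)
            if values and values[0] != "-":  # "-" means the browser reported nothing
                details[label] = values[0]
    return hosts

# Constructed sample requests (not taken from a real capture).
SAMPLE = [
    ("192.168.1.20", "www.google-analytics.com",
     "GET /__utm.gif?utmwv=5.1.5&utmsr=1280x800&utmsc=24-bit&utmul=en-us&utmfl=10.3%20r183 HTTP/1.1"),
    ("192.168.1.20", "www.example.com", "GET /index.html?utmsr=1x1 HTTP/1.1"),
    ("192.168.1.31", "ssl.google-analytics.com:443",
     "GET /__utm.gif?utmsr=1920x1080&utmsc=32-bit&utmul=sv&utmfl=- HTTP/1.1"),
]

if __name__ == "__main__":
    for ip, details in ga_host_details(SAMPLE).items():
        print(ip, details)
```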

Download: http://sourceforge.net/projects/networkminer/files/networkminer/
