WinPcap is the major open source packet sniffing library for Microsoft Windows. Unfortunately, it is no longer under active maintenance and hasn’t been for quite a while. But, fear not, Npcap have picked up the baton. Sort of.
Wireshark is a wonderful tool, no doubt about it. But, on Microsoft Windows, there is one thing it isn’t so good at. Microsoft decided to remove the local loopback interface in Windows 7. So capturing loopback traffic is rather difficult without modifying your system. Something I try to avoid if at all possible. There are ways to install the loopback interface if you want, as documented here. There are also other means to achieve the same effect, also documented in the previous link.
Loris Degioanni over at CACE Technologies has produced an uber geeky animation showing the 11 year history of the Wireshark project. The video was produced with the aid of Codeswarm.
I did a comparison of the buzz for the leading open source network management tools in 2008 so I thought it would be interesting to do the same comparison for 2009 and see what’s changed. As I did last year, I’ve compared the number of searches for the project name using Google Trends. As always, this post is not intended to be indicative of the usefulness of a particular tool to your requirements.
The recent controversy over the ICINGA Nagios fork brought into focus the relative activity of the various network management projects. One of the main complaints aimed at Nagios was the slow speed of development. The following graphs, taken from the open source directory Ohloh, show the number of committers and the number of commits over the last three years for Nagios, OpenNMS and Wireshark. I can’t vouch for how accurate the stats are but I think they do provide some insight into the development processes of the respective projects.
As it’s the start of a new year I thought it would be an ideal time to look back over the year just gone. I have used Google Trends to compare the number of searches during 2008 of various open source and proprietary network management tools. Whilst search volume is an interesting metric for network management tools, it is not intended to be in any way indicative of the usefulness of a particular tool.
Chris Sanders is offering an online Wireshark training opportunity for the rather modest cost of $100. The course will cover analyzer placement on your cabling system, performing a network baseline and troubleshooting network latency.
Mark Hinkle from Zenoss sent me a link to an interesting document he prepared yesterday. I think Mark may be over-egging Zenoss’s “clear market leadership” but without any doubt their growth over the last year has been impressive. Perhaps the most impressive thing to take away is that all of the projects featured have grown over the last year.
FYI there is an interesting interview with Chris Sanders, author of “Practical Packet Analysis: Using Wireshark to solve real-world network problems”. If you are new to packet analysis, you can do a lot worse than read the book.