York::Log all network traffic
Log all traffic on your network card. Analyze and parse network packets. Capture transmitted files and passwords.
Log source, destination [fqdn or ip address], protocol and packet size of all network traffic on your network. The network card will be set into promiscuous mode.
Capture HTTP, FTP, POP3, SMTP, SMB, VNC and AIM passwords/hashes and HTTP cookies like ‘GX’. Log them as l0phtcrack files.
Capture and store transmitted HTTP and FTP files. You can use a pattern to store only specific files.
Captured pictures are shown in a slideshow or in fullscreen. Also a Screensaver is included which shows the captured pictures.
Advanced Options & Notes
You can write the logs into a MySQL database. Multiple filters can be used to search in the database.
You can select a client and follow his clicks in your browser. [WebSession]
Traffic can be captured into a pcap file, sent from a pcap file and replayed from a pcap file.
You can restrict captured traffic by tcpdump filters.
The columns in the log file are tab-separated for easy import into Excel, for example. One line in the log file looks like this:
5.07.2013 02:49 [0:01:03] theszdbg <-> www.google.com http 55 kByte 56329 Bytes
WinPcap is used to capture the network traffic. The setup will install WinPcap automatically.
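A parser for the log line format shown above, as an added example that is not part of York or of this page: it sums the logged bytes per source, destination and protocol so a review does not depend on a spreadsheet import. It assumes the field order of the sample line and reads the bracketed value as h:mm:ss; the function names and the extra sample lines are constructed.

```python
import re
from collections import Counter

# Field order taken from the sample line on this page; reading the bracketed
# value as h:mm:ss is an assumption.
LINE_RE = re.compile(
    r"^(?P<when>\S+ \S+) \[(?P<h>\d+):(?P<m>\d{2}):(?P<s>\d{2})\] "
    r"(?P<src>\S+) <-> (?P<dst>\S+) (?P<proto>\S+) "
    r"(?P<kbyte>\d+) kByte (?P<bytes>\d+) Bytes$"
)

def parse_line(line):
    """Return a dict for one log line, or None if it does not match."""
    # Collapse tabs and runs of spaces so the exact column breaks do not matter.
    flat = " ".join(line.split())
    m = LINE_RE.match(flat)
    if m is None:
        return None
    return {
        "when": m["when"],
        "duration_s": int(m["h"]) * 3600 + int(m["m"]) * 60 + int(m["s"]),
        "src": m["src"], "dst": m["dst"], "proto": m["proto"],
        "bytes": int(m["bytes"]),
    }

def bytes_per_flow(lines):
    """Sum bytes per (src, dst, proto); also return the lines that did not parse."""
    totals, rejected = Counter(), []
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            rejected.append(line)  # keep malformed lines visible, do not drop them
        else:
            totals[(rec["src"], rec["dst"], rec["proto"])] += rec["bytes"]
    return totals, rejected

# First line is the page's sample with tab positions assumed; the rest are constructed.
SAMPLE = [
    "5.07.2013 02:49\t[0:01:03]\ttheszdbg <-> www.google.com\thttp\t55 kByte\t56329 Bytes",
    "5.07.2013 02:51\t[0:00:10]\ttheszdbg <-> www.google.com\thttp\t1 kByte\t1024 Bytes",
    "5.07.2013 02:52\t[0:00:02]\thost-a <-> 192.0.2.10\tftp\t2 kByte\t2048 Bytes",
    "truncated line without sizes",
]

if __name__ == "__main__":
    totals, rejected = bytes_per_flow(SAMPLE)
    for flow, size in totals.most_common():
        print(flow, size)
    print("rejected:", rejected)
```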