NetworkMiner packet analyzer / News: Recent posts

NetworkMiner 1.6 Released!

New features in version 1.6 of NetworkMiner include:

  • Reassembled files and images can be opened with external tools by drag-and-dropping items from NetworkMiner's Files or Images tabs.
  • Improved extraction of emails and attachments sent over SMTP.
  • Failed DNS lookups that result in NXDOMAIN and SERVFAIL are displayed in the DNS tab along with the flags in the DNS response.
  • Remote live sniffing enabled by bringing the PCAP-over-IP feature into the free open source version of NetworkMiner... read more
Posted by Erik Hjelmvik 2014-06-16

NetworkMiner 1.3 released!

NetworkMiner 1.3 is now released!
Read more on our blog: http://netresec.com/?b=1240207

Posted by Erik Hjelmvik 2012-04-12

NetworkMiner 1.2 released

Posted by Erik Hjelmvik 2011-11-19

NetworkMiner 1.1 released!

NetworkMiner version 1.1 is now released on SourceForge! More information is available on the Netresec blog:
http://www.netresec.com/?page=Blog&month=2011-09&post=NetworkMiner-1-1-Released

Posted by Erik Hjelmvik 2011-09-15

A NetworkMiner blog

Did you know that we at NETRESEC are running a blog that covers detailed functionality of NetworkMiner as well as other topics in the network security / network forensics field?

You can fin our blog over at:
http://www.netresec.com/?page=Blog

The RSS feed is available from:
http://www.netresec.com/rss.ashx

Enjoy!

/erik

Posted by Erik Hjelmvik 2011-03-08

NetworkMiner 1.0 is now released!

NetworkMiner is now is stable and mature enough to advance to version "1.0".
I have therefore released NetworkMiner 1.0 on SourceForge today!

Here are some new features in NetworkMiner since the previous version:

* Support for Per-Packet Information header (WTAP_ENCAP_PPI) as used by Kismet and sometimes Wireshark WiFi sniffing.
* Extraction of Facebook as well as Twitter messages into the message tab. Added support to extract emails sent with Microsoft Hotmail (I.e. Windows Live) into Messages tab.
* Extraction of twitter passwords from when settings are changed. Facebook user account names are also extracted (but not Facebook passwords).
* Extraction of gmailchat parameter from cookies in order to identify users through their Google account logins.
* Protocol parser for Syslog. Syslog messages are displayed on the Parameter tab.... read more

Posted by Erik Hjelmvik 2011-02-05

Network forensics in Linux with NetworkMiner

A nice blog post, describing how to run NetworkMiner under *nix based OS’s, was recently posted by C.S. Lee. The blog post shows how to install Wine in Ubuntu Linux, and then how to launch NetworkMiner using Wine.

Read the whole blog post at:
http://geek00l.blogspot.com/2008/12/drunken-monkey-running-network-miner.html

Posted by Erik Hjelmvik 2008-12-16

Perform WiFi sniffing with NetworkMiner

The newly released version 0.84 of NetworkMiner supports live sniffing of WLAN traffic (IEEE 802.11). This allows users to perform wireless network forensic analysis on any Windows machine with an AirPcap adapter installed. The RadioTap protocol as well as the Logical Link Control (LLC) protocol are also implemented in order to extract as much information as possible about the hosts communicating over a WLAN.... read more

Posted by Erik Hjelmvik 2008-05-19

Wanted: Beta testers with network traffic access

Do you have access to a large number of PCAP files, a monitor port (SPAN port or network tap) on a busy switch/router or do you practice the art of Wi-Fi sniffing? Then you're the person I'm looking for!

When developing dissectors for various protocols I need to test/evaluate my implementations with real network traffic. This is a complicated task for me since I don't have any access to network traffic other than my own.... read more

Posted by Erik Hjelmvik 2008-03-10

Extract files from PCAP files with NetworkMiner

NetworkMiner can now be used to extract files sent with HTTP, SMB or TFTP from a PCAP file. This can be used in order to perform off-line analyzis of sniffed traffic or in order to save streamed audio/video files to disk.

http://networkminer.wiki.sourceforge.net/save+media+files

Posted by Erik Hjelmvik 2007-11-29