This code seems to have a high utilization for my CPU. Any ideas on why?
NetworkMiner performs data analysis in real time when you use it as a sniffer. This means that TCP sessions are being reassembled, OSes are being fingerprinted, data is searched for keywords and packets are being parsed while you are sniffing. All of this can be rather computationally heavy if you have high-speed traffic. I am, however, working on keeping the time complexity down to a reasonable level in NetworkMiner.
I would recommend using NetworkMiner for offline forensic analysis by parsing PCAP files rather than sniffing, especially since the current version of NetworkMiner has no support for saving the sniffed data.
So if you have a lot of traffic it would be better to use tcpdump, windump, Wireshark, Kismet or some other application that can produce a pcap dump file. Then load the pcap file into NetworkMiner in order to further analyze the data.
The other option is to buy yourself a faster computer ;)
Hi, I have tried it on my laptop (1.2 GB memory) + Windows 2003 R2 system, and it works fine for me at 70% of CPU.
The exciting thing for me is that the software can decrypt SSL packets for me, such as mail.google.com / mail.yahoo.com, if I connect the suspect to a hub.
I would like to suggest that the software should be like "ettercap for Windows", which lets me choose the host to sniff.