SOFTWARE MANUAL NET VIGILANT NETWORK MONITOR V1 1 Printed On 3rd Dec 2007 C Washington University SoftwareUserManual docx Department Of Computer Science Engineering Washington University in Saint Louis Submitted By Subharthi Paul Madhuri Kulkarni 1 Table of Contents 1 INTRODUCTION 3 1 1 Project Overview 4 2 REQUIREMENTS 2 1 Software Requirements 2 2 Hardware Requirements 3 APPLICATION WORK FLOW Packet Capture Packet Filtering Network Utilities Packet Save Retrieve Exit Application 3 1 3 2 3 3 3 4 3 5 4 ADDITIONAL INFORMATION 4 1 Definitions Acronyms and Abbreviations 4 2 References 2 5 6 6 7 8 9 12 18 20 21 22 22 INTRODUCTION 3 INTRODUCTION 1 1 Project Overview The main use of this application is for capturing packets storing them for analysis and retrieving them later again if needed Following functionalities have been implemented Basic Functionality 1 Network Monitor Packet capture This feature provides the facility to capture network packets These packets will be parsed and the packet header details will be listed in a table The packets can be stored in XML Extensible Markup Language serialized formats These packets can be retrieved later for viewing and analysis 2 Packet Filtering The captured packets can be filtered to display according to the packet type The packets can be filtered by protocol type TCP Transmission Control Protocol UDP User Datagram Protocol ARP Address Resolution Protocol ICMP Internet Control Message Protocol and IGMP Internet Group Management Protocol 3 Network Utilities Ping TCP Statistics UDP Statistics The above mentioned utilities are implemented for network traffic analysis 4 Packet Analysis The detailed packet information is displayed 5 Graphical Interface We have implemented an easy to use Windows based graphical user interface 4 REQUIREMENTS 5 2 REQUIREMENTS 1 2 NET Vigilant Setup File WinPcap V4 0 1 must be installed WinPcap is the industry standard tool for link layer network access in Windows environments it allows applications to capture and transmit network packets bypassing the protocol stack and has additional useful features including kernel level packet filtering a network statistics engine and support for remote packet capture WinPcap consists of a driver that extends the operating system to provide low level network access and a library that is used to easily access the low level network layers 1 2 2 Hardware Requirements Following devices are required Pentium IV and upward processor Monitor Keyboard mouse 1 GB RAM 1 5 MB of hard disk space Software Dependencies Installation of WinPcap V4 0 1 is necessary for the software to work on the computer Hardware Constraints Not all wireless network adaptor cards support packet capture Make sure your wireless network interface card supports promiscuous mode for packet capture Hence this software may not work on all wireless network interface cards But it will capture packets on Ethernet networks 6 APPLICATION WORKFLOW 7 3 APPLICATION WORKFLOW Installation of Net Vigilant Install WinPcap V4 0 1 Install Net Vigilant setup file by double clicking the setup exe Follow the instructions provided by the Installable file 3 1 Packet Capture 1 Open application Net Vigilant by double clicking the icon 2 Double click on the any one of the listed adapters or press the Start Sniffing button green arrow after selecting the adapter 3 Packets are listed in the bottom table on the screen 4 Double click on any packet to get a detail view of the packet on the right pane Figure 1 Packet Capture 8 3 2 Packet Filtering 1 Open application Net Vigilant by double clicking the icon Double click on the any one of the listed adapters or press the Start Sniffing button after selecting the adapter 2 Packets are listed in the bottom table on the screen 3 Click on Filter Filter by and select one of the protocols Figure 2 Packet Filtering 9 4 The table in the bottom pane will show the selected packets if packets of that type have been captured Figure 3 Packet Filtering by TCP protocol 5 To remove the filter click on Filter Remove Filter 10 Figure 4 Remove Filtering 3 3 Network Utilities 3 3 1 Ping 11 1 Open application Net Vigilant by double clicking the icon 2 Double click on the any one of the listed adapters or press the Start Sniffing button after selecting the adapter 3 Click on Utilities Ping Figure 5 Ping Utility 4 A Ping utility form will show up 5 Enter the IP Internet Protocol Address or select from the dropdown box 6 Hit the Ping button to view the result 12 Figure 6 Ping Utility 7 Result is seen above in the textbox 3 3 2 TCP Statistics 1 Open application Net Vigilant by double clicking the icon 2 Double click on the any one of the listed adapters or press the Start Sniffing button after selecting the adapter 3 Click on Utilities TCP Statistics 13 Figure 7 TCP Statistics 14 4 A form shows up showing the TCP statistics Figure 8 TCP Statistics 3 3 3 UDP Statistics 1 Open application Net Vigilant by double clicking the icon 2 Double click on the any one of the listed adapters or press the Start Sniffing button after selecting the adapter 3 Click on Utilities UDP Statistics 15 Figure 9 UDP Statistics 4 A form show up showing the UDP statistics 16 Figure 10 UDP Statistics 3 4 Packets Save Retrieve 1 Open application Net Vigilant by double clicking the icon 2 Double click on the any one of the listed adapters or press the Start Sniffing button after selecting the adapter 3 Packets are listed in the bottom table on the screen 4 To save these packets either click the save icon button or click on Application Save menu 17 Figure 11 Save Packets 5 Enter an XML file to save the packets 6 You can load saved xml file later by pressing the Open file Button or by clicking Application Open menu 18 Figure 12 Open packets previously saved 5 5 Exit Application 1 Open application Net Vigilant by double clicking the icon 2 Double click on the any one of the listed adapters or press the Start Sniffing button after selecting the adapter 19 3 Packets are listed in the bottom table on the screen 4 To exit application press on stop button or click on Application Exit Figure 13 Exit application 20 ADDITIONAL INFORMATION 4 ADDITIONAL INFORMAITON 21 4 1 Acronyms UDP TCP ARP ICMP IGMP XML GB MB RAM IP User Datagram Protocol Transmission Control Protocol Address Resolution Protocol Internet Control Message Protocol Internet Group Message Protocol Extensible Markup Language Gigabytes Megabytes Random Access Memory Internet Protocol 4 2 References