Is the HookPeek application a network monitor or “sniffer”?
No, the HookPeek sample application that is provided with the WinDis 32 Framework is NOT a network monitoring or “sniffer” program. It is, however, a good place to start development of such a program. In fact, PCAUSA products are used as the network packet reception codebase for several commercial network analyzer products. HookPeek does place the selected adapter into promiscuous mode and “dump” packets to the console. However, there is a lot more to making a good network analyzer. First of all, dumping each packet to the console actually takes a lot of time. On a heavily loaded network packets can be lost during the time that it takes to display the packet. Commercial network monitor programs save the packets in internal memory buffers and display very little information while actually collecting data. In addition, commercial network analyzers provide lots of other packet data processing and filtering functions that are not provided by HookPeek.
Related Questions
- When I use EtherPeek to monitor my high speed network, the application tends to slow down. Are there any tips to optimize performance?
- How is WinPacMonDB different from other network monitor programs (like Sniffer, BigBrother, Internet Manager, etc)?
- Is the HookPeek application a network monitor or "sniffer"?
