
Packet-capture Utility

PCQ Bureau

This is a tiny packet-capture utility that can capture both TCP and UDP packets, so it is meant only for IP-based networks. If placed at the right point on your network, it can provide useful information. If installed on a machine connected to a switched network, it can capture and display all traffic flowing to and from that machine. On a shared network, of course, it can capture all traffic flowing from any machine to any machine.


Some good things about this utility are that it can discover all machines on your LAN, and you can display them by their IP address, hostname, or both. This can be useful in finding out information like the noisiest machine on your network. One negative here, though, is that you can’t sort the host names in alphabetical order, so finding a particular machine can be slightly cumbersome if you have a large network. The utility can also discover all machines being accessed on the Internet from the machine it’s installed on.

This utility allows you to discover all machines on your network.

Snapshot: COLASOFT CAPSA
Price: Personal edition: $99 (capture packets to and from local machine); Professional edition: $199 (capture packets on entire LAN segment)
Meant for: Network administrators
Pros: Easy to use; useful views
Cons: Can’t sort packets; no reporting facility
Contact: Colasoft. E-mail: sales@colasoft.com

Capsa provides four types of views of the information it captures. The first is the Explorer view, an overview of everything. Here it shows, among other things, the maximum packets being transmitted by each machine, and the bandwidth utilization in KB/sec for each machine as well. This can help you determine which machine is generating the maximum amount of traffic.


The second type of view lets you view the actual packets it has captured from all machines on your network. Here, you can further sub-divide the packets as either TCP or UDP. One shortfall here, though, is that it only allows you to view the packets in HEX format. If you want to view their ASCII values, you’ll have to copy and paste them to an ASCII editor like Notepad. Another problem we found here was that you can’t sort the packets in any way, thereby limiting your view of packets to just the order they were captured in. 

The other two views it provides are slightly dangerous if they fall into the wrong hands: they display all e-mails and passwords it has captured.

The Bottom Line. The utility is quite useful, considering that it’s only 1.19 MB in size. However, it would have been nice if it included some sort of reporting facility. Also, the manual only talks of its menu items and what they do. It would have been more useful had it provided some scenarios where the utility can be used, and how to analyze certain types of packets. Plus, you can’t export specific packets from a machine; it only allows you to export the entire gamut of captured packets.

Anil Chopra at PCQ Labs
