GJPSoft Network Monitoring Software GJPSoft Network Monitoring Software
Home   |   Products   |   Download   |   Purchase   |   Support   |   Resource   

Lets whole network on your hand.

PRODUCTS
UltraSniff - Network Sniffer
  Capture network packets, monitors network traffic, analyzes network related problem.
  MSN Monitor & Sniffer
  Monitor MSN messenger conversations on LAN.

 

 


  Useful Link:

Software Hypermarket

ISO Image Creator

DVD to MP4 Converter

Free News Release


GJPSoft Technical Support

Contact US

If you have any comments, suggestions, or questions regarding our products, feel free to contact our customer support team at support@msnmonitor.com .

FAQ

Please read the following FAQ to see whether your question is already answered.

When I use UltraSniff to capture packets, I see only packets to and from my machine, or I'm not seeing all the traffic I'm expecting to see from or to the machine I'm trying to monitor.

This might be because the interface on which you're capturing is plugged into an Ethernet or Token Ring switch; on a switched network, unicast traffic between two ports will not necessarily appear on other ports - only broadcast and multicast traffic will be sent to all ports.

Note that even if your machine is plugged into a hub, the "hub" may be a switched hub, in which case you're still on a switched network.

Note also that on the Linksys Web site, they say that their auto-sensing hubs "broadcast the 10Mb packets to the port that operate at 10Mb only and broadcast the 100Mb packets to the ports that operate at 100Mb only", which would indicate that if you sniff on a 10Mb port, you will not see traffic coming sent to a 100Mb port, and vice versa. This problem has also been reported for Netgear dual-speed hubs, and may exist for other "auto-sensing" or "dual-speed" hubs.

Some switches have the ability to replicate all traffic on all ports to a single port so that you can plug your analyzer into that single port to sniff all traffic. You would have to check the documentation for the switch to see if this is possible and, if so, to see how to do this.

Note also that many firewall/NAT boxes have a switch built into them; this includes many of the "cable/DSL router" boxes. If you have a box of that sort, that has a switch with some number of Ethernet ports into which you plug machines on your network, and another Ethernet port used to connect to a cable or DSL modem, you can, at least, sniff traffic between the machines on your network and the Internet by plugging the Ethernet port on the router going to the modem, the Ethernet port on the modem, and the machine on which you're running UltraSniff  into a hub (make sure it's not a switching hub, and that, if it's a dual-speed hub, all three of those ports are running at the same speed.

If your machine is not plugged into a switched network or a dual-speed hub, or it is plugged into a switched network but the port is set up to have all traffic replicated to it, the problem might be that the network interface on which you're capturing doesn't support "promiscuous" mode, or because your OS can't put the interface into promiscuous mode. Normally, network interfaces supply to the host only:

packets sent to one of that host's link-layer addresses;
broadcast packets;
multicast packets sent to a multicast address that the host has configured the interface to accept.
Most network interfaces can also be put in "promiscuous" mode, in which they supply to the host all network packets they see. UltraSniff will try to put the interface on which it's capturing into promiscuous mode unless the "promiscuous mode" option is turned off in the "Select Adapter" dialog box.

You should ask the vendor of your network interface whether it supports promiscuous mode. If it does, you should ask whoever supplied the driver for the interface whether it supports promiscuous mode with that network interface.

In the case of token ring interfaces, the drivers for some of them, on Windows, may require you to enable promiscuous mode in order to capture in promiscuous mode.

In the case of wireless LAN interfaces, it appears that, when those interfaces are promiscuously sniffing, they're running in a significantly different mode from the mode that they run in when they're just acting as network interfaces (to the extent that it would be a significant effort for those drivers to support for promiscuously sniffing and acting as regular network interfaces at the same time), so it may be that Windows drivers for those interfaces don't support promiscuous mode. However, you can try to capture into "All Local" mode.

How do I capture packets on DIAL-UP/ADSL MODEM/ISDN MODEM?

Please choose Adapter Name "Modem,ISDN,Dialo-up Connections)WAN Miniport(IP)".

I'm only seeing ARP packets when I try to capture traffic.

You're probably on a switched network, and running UltraSniff on a machine that's not sending traffic to the switch and not being sent any traffic from other machines on the switch. ARP packets are often broadcast packets, which are sent to all switch ports.

Do I have to pay for the upgrades?

No, All kinds of upgrades and releases for our products are full free to registered users.

Do I have to pay for the technical supports?

No, All kinds of technical supprts for products  are full free to registered users.

 

   
© 2002-2006 GJPSoft Network Software Studio. All Rights Reserved