York at its core looks like yet another networking monitor that is using the WinPcap packet capture library. If you look closer though, you will notice that it makes some things more comfortable than other programs of its kind. Alternatives include the Open Source application Open Monitor, NetWorx or NirSofts’ Network Traffic View.
The program installs WinPcap during the setup process so that you can start using the program right away without having to worry about dependencies. When you first start York you will notice that it starts capturing packets right away. Unlike other programs that display everything in a single window, York divides information into multiple tabs.
Data is displayed in realtime, and removed from the listing again after a certain period of time. This basically means that you will always see the latest data right away without having to scroll around.
York divides traffic into five tabs:
- Packets: Displays information about all packets, including the time, source and destination address, port and total packet size.
- Files: Keeps track of files that are downloaded to the computer.
- Passwords: Monitors passwords, usually in the form of cookies, that are written.
- Web Sessions: Lists all open web sessions
- Pictures: Displays image thumbnails of pictures that have been accessed during capturing.
Data is not logged into files by default. You can however open the program settings to select log files on your system that you want the data to be recorded into. The logging options are quite extensive, with options to log passwords, files and web sessions, and packets independently.
It is furthermore possible to switch the network adapter, enable sound notifications for events, or hidden mode which hides the program icon in the system tray. Advanced options include saving packets into a pcap trace file (for later analysis) or enabling a TCPdump filter to capture only specific packets.
The monitoring can be stopped and resumed at any time using the toolbar buttons in the main program window. The same options are also available on a right-click on the system tray icon.
York is compatible with all recent 32-bit and 64-bit editions of the Microsoft Windows operating system. It can be downloaded from the developer website.
0 comments:
Post a Comment