If I knew the developer programmer behind Nirsoft, I would absolutely not have him as an enemy because given what he manages to do publicly, I dare not think about where he could go if he unleashed his skills against someone. Obviously, we are talking about computers and tools that intercept the data traffic that passes over the internet connection in a network that can be the one at home if there are multiple computers in different rooms or that of an office .
If the computers are in the same network, wifi or cable, they come out on the internet (so they connect to surf the web) through the same router that connects them to each other.
Windows, like other operating systems, protects the computer from intrusions and you can also use a firewall to avoid any type of intrusion inside the PC.
The problem is that most of the network traffic, the websites you browse, the Google searches, the data sent via the internet such as emails, passwords and messages on other sites can be easily intercepted and read by another computer .
As explained in another article, using easy software tools, enter a wifi network and spy on what you do on the internet .
Nirsoft, on the other hand, is the leader in network tools for capturing information and sniffing traffic within the network (therefore without hacking or illegal activities) that technicians and administrators can use to diagnose problems or for other reasons.
Among these reasons, it can certainly be that of wanting to check other computers to see where they surf and maybe capture private information .
These tools are very useful for those who want to have tighter control over their home or office computers.
As a prerequisite, all these network tools that intercept packets and information require, on Windows 10, Windows 7 and other versions, the installation of a program called WinPcap, a virtual driver that enables the capture of information from the computer's network card ( this is because Windows does not support promiscuous mode)
Without needing to know more details, the first thing to do is to install the WinPCap driver by downloading and then following the normal wizard.
With WinPcap, you can use these 4 Nirsoft tools that capture packets and translate them into valuable and understandable information on what is happening on the internet from the computers that connect to the network .
In some cases, these sniffing and monitoring tools must be run with administrator rights (right click on the .exe file and then choose " Run as administrator ".
Some antiviruses may report these tools as viruses: they are false warnings to be ignored and indeed, to those who happen, I would really suggest changing the security program.
1) Network monitoring and control with NetworkTrafficView and SmartSniff
This tool, portable and to be performed without installation, can intercept network traffic through the WinPcap driver and displays statistics and information on the data that passes via the internet from all PCs on the network ( also applies to mobile phones that connect via wifi ).
The program displays network traffic in real time with information on: IP protocol, source and destination address, ports, process, the total amount of Kbytes transferred and the transmission speed.
NetworkTrafficView is mostly a program for network administrators, hardly comprehensible to people who are not computer and networking experts.
Unfortunately you cannot filter the traffic in order to capture only certain information so let's go to the second of the list that will surely give more satisfaction.
SmartSniff gives some more information about the programs used on the computers and sites visited.
2) WebSite Sniffer and HTTPNetwork Sniffer to see which sites are visited .
With WebSite Sniffer it is possible to capture information about the websites on which people who use other PCs surf the same network, at home, in the next room, or in the office.
In this case there is very little to understand why each line that is recorded by WebSite Sniffer is the name of a website so you can check, in real time, which sites are visited by others .
The program is automatic and just press the Start and Stop buttons to start or stop the capture of websites.
WebSiteSniffer captures all website files uploaded to various computers on the network (HTML, Flash, video, images, scripts and other content files) automatically, while browsing the Internet and stores them in a favorite folder that can be consulted as chronology or at the end of the day.
The only sites that don't show up are the ones that start with HTTPS with an encrypted connection.
HTTPNetwork Sniffer is very similar and sniffs all the packets that pass from the websites to the computer, showing their names and addresses.
3) Capture of cookies with Web Cookies Sniffer
Cookies are small data files used for monitoring and storing information and settings on various websites.
They are necessary, but at the same time they leave traces on what is done online.
If you want to know which cookies are saved on your computer and on the PCs connected to the network, in real time, while browsing the browser, you can use WebCookiesSniffer.
The first time you start the program, you are asked to choose the capture method and the network card.
The capture method is always WinPcap while the network card must be the one that is connected to the router or, if network sharing is used, it is the shared network.
The program collects information on the internet, whatever browser is used on the computer.
The list of cookies indicates various information including the host name, which coincides with the site that releases the file on the computer.
The capture is in real time, it can be stopped and restarted with the start and stop keys but a history with the recordings is not saved.
It is interesting to note that when a search is made on the Internet on Google from a PC or a mobile phone connected to the network, WebCookiesSniffer reports the search path and it is thus possible to know which searches are made .
4) Password capture : Password Sniffer
After running Password Sniffer, every time a password is entered from computers on the network to access an account on a website such as Facebook or Twitter, it is intercepted and displayed on the main interface .
SniffPass is able to capture the passwords of the POP3, IMAP4, SMTP e-mail protocols and then of the FTP and HTTP protocols (basic authentication password only).
It does not work with HTTPS sites, therefore with sites whose data transmission is protected and does not work if the network is managed by a router that does not allow passwords to pass.
5) DNSQerySniffer to see all the links to websites in real time by browsing the internet.
Besides these Nirsoft tools, always with the aim of sniffing the network and capturing packets of internet traffic in a network, we must mention and report:
- Wireshark to capture information on the net and intercept traffic
- Microsoft Network Monitor (no longer updated since 2010)
- Capsa Free Network Analyzer only 64 bit.
6) In another article, other programs to attack the network and find vulnerabilities by intercepting traffic even with Man In The Middle attacks that spy and change communications between two people.
As you can see, the power of these programs is in their utility for diagnostics and troubleshooting and there is no virus, no files to be installed on the target computers and no attempt to fraudulently and deceitfully steal private information .
The packets that pass through a computer network and the one that is transmitted on the internet are simply intercepted and translated in an understandable way.
