Packet Sniffing

Packet Sniffing With PRTG Network Monitor


Packet sniffing is used within a network in order to capture and register data flows. Packet sniffing allows you to discern each individual packet and analyze its content based on predefined parameters. 

Packet sniffing allows for very detailed network monitoring and bandwidth usage analysis. It, however, requires a broader knowledge of networks and their inner functions, in order to be able to recognize the relevance of the data being monitored.

Advantages of Packet Sniffing

Adding to normal bandwidth monitoring capabilities based on SNMP, PRTG allows administrators to discern actual bandwidth usage based on multiple parameters, such as source and destination IP addresses, MAC addresses, port numbers, protocols, etc., using packet sniffing. Furthermore, PRTG's packet sniffing functionality can be used to generate top lists, which enable administrators to recognize detailed usage trends, sources and destinations of individual communications via the network, as well as the details of the traffic flowing within said network.

How to Set up Packet Sniffing

Packet sniffing sensors generally use the host machine's network card, but can be configured to use monitoring ports found on some networking devices using port mirroring / forwarding in order to monitor the overall network bandwidth utilization.

Using a device equipped with a "monitoring port" or "port mirroring" you can use packet sniffing to monitor all the traffic in your network. Most unmanaged switches do not have this feature, many managed switches do.

Port mirroring is used on a network switch to send a copy of all network packets seen on one switch port to a monitoring network connection on another switch port. This is commonly used for network appliances that require monitoring of network traffic, such as an intrusion-detection system. Port mirroring on a Cisco Systems switch is generally referred to as SPAN. You can also use an old-fashioned hub. Hubs send all network packets to all ports, but they are a lot slower than switches.

  • Configure the switch(es) to send a copy of all network packets to the IP of the machine running PRTG
  • Create a new Packet Sniffing Sensor without any filtering to monitor network's total traffic

Note: If you have several switches/routers you may not see all traffic if you only monitor one device

Further information on setting up PRTG's build in packet sniffer can be found in the manual and in the knowledge base.

Free Packet Sniffing

You can test PRTG Network Monitor and its packet sniffing capabilities with the 30-Day-Trial-Edition. The Freeware Edition is completely free for personal and commercial use and may be downloaded at no cost. The Commercial Editions are required if you want to monitor more than 100 sensors.

Download Network Monitoring Software for Windows - Version 17.1.28.1032 (January 10th, 2017)
Languages English, German, Spanish, French, Portuguese, Dutch, Czech, Russian, Japanese, and Simplified Chinese
Pricing Free for up to 100 sensors (Price List)
Unified Monitoring Network devices, bandwidth, servers, applications, virtual environments, remote systems, IoT, and more...

Supported Vendors
& Applications

 

 

More >>

Related Topics

Copyright © 1998 - 2017 Paessler AG