The latest release of Unsniff Network Analyzer features two nifty features for working with TCP Flows.
Detect packet loss in captured stream
Dropped packets could completely jeopardize content reconstruction which is what a lot of people use Unsniff for. It is very difficult to eyeball a packet capture and tell if some TCP sessions have missed packets. To help here, Unsniff adds a new column to the list of TCP Sessions called “Loss Flags”. For each TCP flow, Unsniff performs a hole analysis using an infinite window. If any holes are detected in either direction it will be flagged here. See the image below for a sample.
Export a flow to a separate capture file with a single click
We found this extremely useful while working with a lot of troublesome captures. Typically you are interested only in a single or handful of flows out of dozens. Previously you could export an entire flow by Copy > Paste as new file This was a bit tedious, now you can just right click on a flow and select Pull out as new capture file
Several more
There are several huge improvements in Unsniff in the past month. If you havent updated it , please download the latest build and give it a try.