For Education |
Teachers communicate better with Unsniff
Top features for teachers, students, and researchers
Unsniff as a teaching aidWhether you are teaching NET 101 or NET 901 - hands on lab assignments are essential for a complete understanding of the course material. Currently a large number of universities and colleges are using tools like tcpdump, or ethereal as the primary teaching aids. While these tools are excellent (especially Ethereal) in the sheer breadth of protocols supported, their weakness in visualization, reassembly, and extensibility make it hard to adapt them to a teaching environment. Unsniff is designed to be adaptable to various teaching situations. The simple and direct packet displays are so intuitive that your students will understand it instantly.
For more information about how Unsniff Network Analyzer can help with your particular usage scenario, contact us at |
Why Unsniff ?
Unsniff Network Analyzer offers multi layer monitoring with deep content awareness right out of the box. The unique advantages of Unsniff are :
- Multi layer monitoring - flows, PDUs as top level objects
- Advanced NFAT (Network Forensics) abilities
- Scriptable for automation
- Fast native Windows UI w/ new visualization
- USNF format instantly opens huge capture files
- Advanced TLS decryption and analysis (incl TLS1.2 AEAD)
Scriptable : Automate your analysis
Unsniff exposes all entities as scriptable objects. They include Packets, Flows, PDUs, User Objects too. Write tiny but powerful scripts to automate the most tedious proceses. Some use cases
- Automatically extract all images greater than 200K into a directory ?
- Save each VOIP call as a separate .WAV file
- Save the first 100K of each TCP flow
- Reassemble and save in and out directions of each flow with a custom naming scheme ?
- Import from Wireshark, apply custom filters, then export back into Wireshark
- Pretty much anything you can do manually can be automated
Not just packets : PDUs , flows , and content too
Network flows are TCP streams. Each flow is treated as a top level object in Unsniff. You are presented with a list of flows in addition to packets and you can choose to work on flows as a unit instead of per packet.
Protocol Data Units (PDUs) are reassembled messages that are extracted from raw packets. Unsniff lets you see these messages instead of just packet. For example you can view and monitor SSL/TLS Records instead of fragments of packets. Unsniff supports SNMP, LDAP, TLS, and other PDUs.
User Objects are extracted content ; such as images, emails, files, video, audio. The Unsniff User Objects Sheet allows you to work with them for forensics and investigative purposes. Most use cases are covered.
User Objects : Advanced Forensics and reconstruction
Unsniff has top notch and deep network forensics analysis (NFAT) capabilities. All objects are extracted and shown in the User Objects sheet. A subset of support.
- HTTP : Full page reconstruction, images, POST messages, all CSS/JS, video, flash, and every kind of content can be extracted
- Deep Keyword Search : Search in content
- Email SMTP, POP3, IMAP, FTP files, SMB files,
- Yahoo! Chat, MSN Chat, AOL Chat
- Yahoo! / MSN Voice chat.
- Google video chat - incl support for VP8 video/SPEEX audio codec
- SIP/RTP/H.323/IAX2 - VOIP calls - incl all major codecs
- Youtube reconstruction