Network Behavior Monitoring System

1. System Architecture

Shows the system architecture:

Each behavior analysis component is a COM component that implements a unified interface, and the system is very easy to expand. The packet protocol parsing engine can parse nearly 400 network protocols.

2. Installation and Use

Step 1: first install the Winpcap and agent programs, and then install the console;

Step 2: Start the console, add a monitoring agent (the first button) from the toolwindow "Monitoring Agent Management" in the lower part of the main window, and then add a monitoring task (the third button, each button has a tooltip prompt );

Step 3: Start the monitoring task (the fifth button) for real-time monitoring or open the network packet dump file captured by other programs in the agent main window, files can be windump or other commonly used packet capture programs;

Note:

When exiting the program, stop the task or close the file;

Real-time Monitoring and Analysis of dump files cannot be used at the same time.

3.

Net Monitor Console

Net Monitor agent

Winpcap 3.0

4. Screen

• Console Main Interface

Click to view the chart

• Add agent

Click to view the chart

• Add task

Click to view the chart

• Configure the network interface for packet capture

Click to view the chart

• Agent Main Interface

Click to view the chart

• MSN analysis result

Click to view the chart

• FTP analysis results

Click to view the chart

• HTTP analysis results

Click to view the chart

• SMTP/pop analysis results

Click to view the chart

Click to view the chart

• TCP analysis result

Click to view the chart

• Packet Analysis Program

Click to view the chart

Click to view the chart

 

This software is strictly prohibited for commercial purposes !!