WinPcap and Libpcap
WinPcap
Windows packet capture
WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.
WinPcap consists of a driver that extends the operating system to provide low-level network access, and a library that is used to easily access the low-level network layers. This library also contains the Windows version of the well-known libpcap Unix API.
Thanks to its set of features, WinPcap is the packet capture and filtering engine of many open source and commercial network tools, including protocol analyzers, network monitors, network intrusion detection systems, sniffers, traffic generators and network testers. Some of these networking tools, like Wireshark, Nmap, Snort and ntop, are known and used throughout the networking community.
Winpcap.org is also the home of WinDump, the Windows version of the popular tcpdump tool. WinDump can be used to watch, diagnose and save to disk network traffic according to various complex rules.
Libpcap
Libpcap, a portable (lightweight) C/C++ library for network traffic capture.
Tcpdump
Tcpdump, a powerful command-line packet analyzer