| Computer networks and telecommunication technologies are nowadays used in a wide range of applications in daily life and work. The success of the Internet brought networking in every house. However, This makes the complexity of computer networks growing every day. This also makes harder the work of design, maintain and making a network secure. For this reason there is an increasing need of tools able to analyse, diagnose and test the functionality and the security of networks. These tools, in order to perform their work, need usually to obtain the data transiting on a network, capturing it while the network is working. The great number of transmission techniques and communication protocols complicates this task. Moreover, performance is very important in order to capture from fast networks at full speed without loosing data.First this paper introduces some concepts of sniffing and related windows operating system concepts. Then this paper discusses the sniffing solution in detail from concepts to codes, from high level to implementation and from user level to kernel level. This paper talks about the essential steps and advanced functions to implement a WinPcap based application. At last this paper presents the details of the parameters influencing the performances. Performance measurements are discussed on each of the components of the system such as the efficiency of the filter, size of the packet buffer, the number of bytes copied and the number of system call and so on and the system as a whole. Some test eases of the performance are provided and a whole system performance testing is executed. |
PDF Full Text Request