Sniffnet: Open-source Network Monitoring!

Sniffnet is a free and open-source network monitoring tool designed to help users efficiently track and analyze their internet traffic. It’s particularly useful for both beginners and advanced users due to its simple GUI, real-time monitoring, and ability to detect various protocols, services, and network threats:

  • Traffic Monitoring: Track internet activity & network adapters in real-time.
  • Threat Detection: Spot malicious traffic and suspicious connections.
  • Protocol & Service ID: Detect 6,000+ protocols & network services.
  • Geolocation Tracking: Identify the country & ASN of remote hosts.
  • Local Network Visibility: Discover devices within your network.
  • PCAP Capture: Save network data for forensic analysis.
  • Custom Alerts: Get notified on specific network events.

Source: Sniffnet GitHub

You Should Know:

Installation & Basic Usage

To install Sniffnet on Linux (Debian/Ubuntu):

    # Install dependencies (the build step also needs the Rust toolchain, i.e. cargo)
    sudo apt update
    sudo apt install -y libpcap-dev build-essential

    # Clone and build Sniffnet
    git clone https://github.com/GyulyVGC/sniffnet.git
    cd sniffnet
    cargo build --release

    # Run Sniffnet
    ./target/release/sniffnet

Key Commands for Network Analysis

  1. Capture Traffic with Tcpdump (Alternative to Sniffnet’s PCAP feature):

    sudo tcpdump -i eth0 -w capture.pcap

  2. Analyze Traffic with Wireshark:

    wireshark capture.pcap

  3. Check Open Ports & Connections:

    sudo netstat -tulnp
    # OR
    sudo ss -tulnp

  4. Monitor Real-time Traffic with iftop:

    sudo iftop -i eth0

  5. Check Network Adapters:

    ip a
    # OR
    ifconfig

Detecting Suspicious Activity

  • Find Unusual Outbound Connections:
    sudo netstat -antp | grep ESTABLISHED 
    

  • Check DNS Leaks or Malicious Queries:

    sudo tcpdump -i eth0 port 53 
    

  • Block Suspicious IPs with iptables:

    sudo iptables -A INPUT -s 192.168.1.100 -j DROP 
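
The "unusual outbound connections" check above produces a long list on a busy host. The following is an added example, not code from Sniffnet or the original post, that reduces `netstat -antp` output to established connections the host itself opened to public addresses on ports outside a baseline. The `ALLOWED_PORTS` baseline, the function names and the sample data are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: triage `netstat -antp` output for unusual outbound connections.
# ALLOWED_PORTS is an assumed baseline of expected remote ports; tune it per host.
ALLOWED_PORTS="${ALLOWED_PORTS:-53 80 123 443}"

# Reads `netstat -antp` output on stdin; prints "remote_ip:port pid/program" for
# ESTABLISHED connections that are outbound, public, and outside the baseline.
flag_outbound() {
  awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # Remember local listening ports so inbound sessions can be told apart
    $1 ~ /^tcp/ && $6 == "LISTEN"      { p = $4; sub(/^.*:/, "", p); listening[p] = 1 }
    $1 ~ /^tcp/ && $6 == "ESTABLISHED" { est[++cnt] = $4 " " $5 " " $7 }
    END {
      for (i = 1; i <= cnt; i++) {
        split(est[i], f, " ")
        lport = f[1]; sub(/^.*:/, "", lport)        # local port
        host  = f[2]; sub(/:[0-9]+$/, "", host)     # remote address
        rport = f[2]; sub(/^.*:/, "", rport)        # remote port
        sub(/^::ffff:/, "", host)                   # IPv4-mapped IPv6 form
        if (lport in listening) continue            # inbound to a local service
        # Skip loopback, RFC 1918 and link-local destinations
        if (host ~ /^(127\.|10\.|192\.168\.|169\.254\.|172\.(1[6-9]|2[0-9]|3[01])\.)/ || host == "::1") continue
        if (rport in ok) continue                   # expected remote port
        print host ":" rport, f[3]
      }
    }'
}

# Constructed sample of `netstat -antp` output (documentation address ranges)
sample_netstat() {
  cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 192.168.1.20:22         203.0.113.7:51544       ESTABLISHED 2291/sshd
tcp        0      0 192.168.1.20:44321      198.51.100.10:443       ESTABLISHED 3100/firefox
tcp        0      0 192.168.1.20:51000      198.51.100.23:4444      ESTABLISHED 4021/python3
tcp        0      0 192.168.1.20:39000      192.168.1.1:8080        ESTABLISHED 3100/firefox
tcp        0      0 127.0.0.1:5432          127.0.0.1:40000         ESTABLISHED 900/postgres
EOF
}

# Live use: sudo netstat -antp | flag_outbound
sample_netstat | flag_outbound
```

Anything it prints is a lead to check against the owning process and the remote host's country and ASN in Sniffnet, not a verdict.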
    

Windows Alternatives

  • Capture Traffic with PowerShell:

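    New-NetEventSession -Name "CaptureSession" -CaptureMode SaveToFile -LocalFilePath "C:\capture.etl"
    # The session records nothing until a packet capture provider is attached
    Add-NetEventPacketCaptureProvider -SessionName "CaptureSession"
    Start-NetEventSession -Name "CaptureSession"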
    

  • List Active Connections:

    netstat -ano 
    

What Undercode Say

Sniffnet is a powerful yet user-friendly tool for network monitoring, making it ideal for cybersecurity analysts, sysadmins, and IT professionals. By combining it with traditional CLI tools like tcpdump, netstat, and iptables, users can enhance their network security posture. For advanced threat detection, integrating Sniffnet with SIEM solutions or correlating data with threat intelligence feeds can provide deeper insights into malicious activities.



Reported By: Priombiswas Ict – Hackers Feeds