Network Programming in .NET: With C# and Visual Basic .NET
Addressing real-world issues facing professional developers, the purpose of this book is to provide tools to design and implement network-orientated applications in .NET.
TABLE OF CONTENTS Network Programming in .NET: With C# and Visual Basic .NET
Chapter 13: Analyzing Network Packets
13.1 Introduction
Network programming is very much concerned with moving data from client to server, but when you need to look at what is moving between the client and server, you encounter a problem.
In most cases, there is no need for a program to know what data is being received by other applications. Furthermore, it is a security risk to have one program that could scan third-party applications, such as FTP software, and retrieve the username and password for your Web site; however, if you are building a value-added package to a third-party application, such as a content filter for a proprietary or legacy application, tapping into what is being sent between client and server is a good start.
Packet capture isn't something new. It has been around for many years. But very few applications actually leverage the technology to provide tools that can be used in conjunction with other software to provide virus or computer-misuse detection. What is available, though, are extensive tools that can tell you what each byte in every packet means, down to even the computer manufacturer that sent the packet. Figure 13.1 shows the demo version of TracePlus from www.sstinc.com.
Figure 13.1: TracePlus utility.
| Note | In order to determine the manufacturer of a particular piece of equipment from its MAC address, access the listing at http://standards.ieee.org/regauth/oui/oui.txt, which contains most, if not all, network equipment manufacturers with their allocated MAC address space. |
Software that can leverage packet-level data can be useful for businesses. We have...
Copyright Elsevier Inc. 2004 under license agreement with Books24x7
