Simplicity is the ultimate sophistication






More Wireshark/Pcap Tools

All the credits for this great content go to caesar0301 @ https://github.com/caesar0301/awesome-pcaptools 
I just saved the below in case his page disappears… this will complement my own list: http://www.1001qa.net/index.php/tools/109-wireshark-tools


This project does not contain any source code or files. I just want to make a list of tools to process pcap files in research of network traffic. For more awesome lists, see https://github.com/sindresorhus/awesome

License: Apache License v2.

Wireshark Tools


Here is a copy and paste of the page (https://wiki.wireshark.org/Tools). I decided to copy and paste the webpage here because I use active reading and I will edit the page later, deleting what I do not need and adding my comments where I consider it useful. I already highlighted the ones that can help me to solve an immediate need: post packet captures online in a CloudShark-like style, for my own use and future references.

Network blood test

Here is a short list of things everyone should check in order to make sure their network is OK:
  • No shared Ethernet segments are saturated (no more than 40 percent sustained network utilization). New segments should use switched and not shared technology.
  • No WAN links are saturated (no more than 70 percent sustained network utilization).
  • The response time is generally less than 100ms (one-tenth of a second). More commonly less than 2ms in a LAN.
  • No segments have more than 20 percent broadcasts or multicast traffic. Broadcasts are sent to all hosts in a network and should be limited. Multicast traffic is sent to a group of hosts but should also be controlled and limited to only those hosts registered to receive it.
  • No segments have more than one cyclic redundancy check (CRC) error per million bytes of data.
  • On the Ethernet segments, less than 0.1 percent of the packets result in collisions.
  • A CPU utilization at or over 75 percent for a 5-minute interval likely suggests network problems. Normal CPU utilization should be much lower during normal periods.
  • The number of output queue drops has not exceeded 100 in an hour on any Cisco router.
  • The number of input queue drops has not exceeded 50 in an hour on any Cisco router.
  • The number of buffer misses has not exceeded 25 in an hour on any Cisco router.
  • The number of ignored packets has not exceeded 10 in an hour on any interface on a Cisco router.
If all these are OK then the blood that flows through the veins of your network is OK!

Free AAA: Tacacs+ vs Radius

Here is a short article that will help and guide you in case you have to select one of these two protocols for controlling the access to your devices. The first thing you have to bear in mind is that while Tacacs is a proprietary protocol (Cisco), Radius is an open standard protocol and it is natively supported by many applications and network devices. Please see below a comparison table between the two protocols:

A quick look at traffic generators

Due to a change in priorities for the client I am working with I will have to postpone studying BGP (actually resuming this) and to start learning QoS and to add some Voice to my skills. This is a great opportunity and I am very happy that I can learn this.
Any serious QoS learning will involve testing and I don't think that you can seriously do that without using a traffic generator. So here is the list with traffic generators that I am currently evaluating and my opinions about each of them:
  1. TTCP
  2. IxChariot
  3. JPerf/Iperf
  4. Pagent
  5. Packet Builder
  6. Scapy
  7. Ostinato
  8. Mtools
  9. MGEN
  10. Rude/Crude
  11. UDPgen
  12. UDP Generator
  13. Network Traffic Generator
  14. MxTraf
  15. NTGen
  16. Netperf
  17. Traffic Generator Tool
  18. TfGen
  19. Packet Shell
  20. Real-Time Voice Traffic Generator
  21. Self Similar Traffic Generator
  22. PacGen packet forger
  23. IPGen packet forger
  24. IP-Packet packet forger
  25. GenSyn
  26. Netspec Traffic emulator
  27. Surge Traffic emulator
  28. Poisson Traffic Generator
  29. FTP traffic generator
  30. Brawny and Rough Udp Traffic Engine
  31. Jugi's Traffic Generator (jtg)
  32. TrafGen
  33. SPAK, Packet Generator
  34. TTCP, Test TCP
  35. PIM-SM, Protocol Independent Multicast Packet Generator
  36. KUTE - Kernel-based Traffic Engine
  37. GEIST - Generator of E-commerce and Internet server Traffic

Commercial Tools

LANdecoder32T Traffic Generator  
LANTraffic V2 and IP Traffic Test & Measure  
Traffic Generator for Wide Area Networks  
Candela Technologies LANforge-FIRE Network Traffic Generator Testing Specific Protocols  
ProvaGEN 3.0  
Internetworking Test Traffic Generation Programs  
Omnicor Hardware IP traffic generators    
Omnicor Software IP traffic generators  
Skaion's Traffic Generation System (TGS)