The Coke Sniffer
@ :: projects :: Feb 02 2003 - 17:21 GMT
RattleSnake writes: Coke is a raw Packet sniffer for Windows with a GUI (Graphical User Interface). Coke only works under Windows 2000 and Windows XP since the WinSock Version 2.2 Implementation supports raw sockets only on these systems appropriately.
Coke is comfortable to use in my opinion, so I do not think I have to elaborate the graphical interface at all. Coke captures packets and displays quick information about them in a list - as soon as you select such a packet, the complete packet structure is displayed in a tree view control and you can select and copy the decoded values.
Coke only supports the IP Version 4 and the Transport Protocols ICMP, IGMP, TCP and UDP. Coke allows you to filter the captured packets for keywords and source IP address - these settings can be saved to an INI file as well.
Coke is simple and does not have many options. However, I think it is cool for educational purposes since it is open source and I also think that it gives you all the information you need. However, other great sniffer for windows are this one from TWLC's monitoring tools section and Iris which you will get from eEye.