If I were a malware writer, the most important function of my malware would be to “phone home” with the information I had targeted to steal. There’s nothing unusual about this, since much of the malware currently infecting the Internet does just that.
Keeping that in mind, when I have an issue on one of my home machines, and occasionally I do, the very first thing I check is the state of the ports on that machine. Actually, since I’m involved in Internet security, I monitor my open ports and Internet connections frequently throughout a browsing session.
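The port and connection check described above can be scripted. The following is an added example, not from the original article or the LayerView developer: it parses `netstat -ano` output, lists listening TCP ports, and picks out established connections to non-local hosts along with the owning process ID. The sample output is constructed, and the ranges treated as local are an assumption about a typical home network.

```python
import ipaddress

# Constructed sample in Windows `netstat -ano` layout (documentation addresses).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    127.0.0.1:5354         127.0.0.1:49680        ESTABLISHED     2100
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     4321
  TCP    192.168.1.20:49713     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49720     198.51.100.7:8080      TIME_WAIT       0
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1500
"""

# Ranges treated as local (assumption: a typical home LAN).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def split_endpoint(text):
    """'1.2.3.4:80' or '[::]:445' -> (host, port); '*:*' -> ('*', '*')."""
    host, _, port = text.rpartition(":")
    return host.strip("[]").split("%")[0], port

def parse_netstat(output):
    rows = []
    for line in output.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # header and blank lines
        rows.append({"proto": f[0], "local": split_endpoint(f[1]),
                     "remote": split_endpoint(f[2]), "pid": int(f[-1]),
                     "state": f[3] if len(f) == 5 else ""})  # UDP: no state
    return rows

def is_local(host):
    return any(ipaddress.ip_address(host) in n for n in LOCAL_NETS)

def review(rows):
    """Return (TCP listening ports, established connections to non-local hosts)."""
    listening = sorted({(int(r["local"][1]), r["pid"])
                        for r in rows if r["state"] == "LISTENING"})
    external = [r for r in rows if r["state"] == "ESTABLISHED"
                and not is_local(r["remote"][0])]
    return listening, external

if __name__ == "__main__":
    for item in review(parse_netstat(SAMPLE)):
        print(item)
```

On a live machine, feed `parse_netstat` the text captured from `netstat -ano` and look up each reported PID in Task Manager to see which program owns the connection.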
We’re not limited to just port checking when it comes to network integrity, however. A particularly good tool for this job is a network analyzer, often referred to as a packet sniffer.
At first glance you might think that packet sniffing is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming. More to the point, in my view, it’s a strong component of the layered defense approach to Internet security that regular readers of this site are familiar with.
Regular reader Fathom Out let me know recently that a free license (regular price $39.00) is available for one such network analyzer, LayerView.
While I have not tested this application, Fathom Out reports the following – “It’s fairly good with a clean interface. Only problem I’ve come across is that, when running for a long time, it takes up a lot of RAM”.
From the developer’s site:
LayerView is a lightweight, robust, flexible packet sniffer which allows you to take control of your network.
It will show you exactly what data your computer is sending and receiving.
Conversation view – LayerView reconstructs entire TCP/UDP conversations for browsing.
Protocol analysis – LayerView can decode a wide range of protocols, with more being added every day.
Full filtering support – LayerView lets you search through and filter data collected.
Once LayerView has been installed, you will see this screen. From here you can begin using LayerView.
System requirements: Windows 2003, Vista, XP, Server 2008
Download at: LayerView. After you have downloaded the application, return to the free license page for the license.
Note: Email registration is required to obtain the free license.