SmartSniff is a little Windows monitoring apparatus that captures network traffic, shows we where it’s going and infrequently even allows we to demeanour inside packets to try and brand what’s being sent.
When it comes to web monitoring tools, it competence not contest in a underline stakes with some others. But don’t let that put we off – SmartSniff has copiousness of and points of a own.
You don’t need a grade in modernized networking tech to use it, for instance. It’s easy: even trade capturing beginners can get started in seconds. Plus it’s free, yet an ad in sight. The download is little during usually 134KB, and there’s zero to implement – simply download it, unzip and run.
SmartSniff work on anything from XP (no kidding) to Windows 10, too, so if you’ve ancient hardware to investigate, no problem, SmartSniff has we covered.
- Best VPN: stay stable online and get around geo-restrictions
Scroll to a bottom of a SmartSniff website page and you’ll find it comes in 3 download flavors: a plain ZIP file, a 64-bit build, and a chronicle with an installer that covers everything.
If you’re regulating a complicated Windows 10 PC afterwards a 64-bit chronicle is best. Just download and unzip it, afterwards run a SmartSniff executable, smsniff.exe. If you’re not certain that chronicle we need, squeeze a installer.
The initial time we launch SmartSniff, it asks we to select a Capture Method. Leave a default ‘Raw Sockets’ choice comparison for now (ignore a ‘Windows 2000/XP’, it also works on all adult to Windows 10.)
Next, select a network adapter you’d like SmartSniff to monitor. Our exam laptop had lots of these, yet many of them could be abandoned (anything with a 0.0.0.0 IP address), and a ‘Connection Name’ mainstay should tell we that adapter to use. To guard a Wi-Fi trade we usually had to select a tie name ‘WiFi’, for instance, while a ethernet adapter was called, you’ve guessed it, ‘Ethernet.’
Using SmartSniff to guard Internet traffic
Setup complete, SmartSniff should open a categorical window and start displaying any network activity. You can control this from a toolbar by clicking a immature Record symbol to start capturing traffic, or a red Stop symbol to, well, stop.
If this doesn’t seem to be working, try rising a browser to give a app something to display. And if there’s still no luck, could we have selected a wrong adapter? Click Options Filter Option to check, or maybe try something else.
When all is regulating smoothly, you’ll see internet packets sent by your device, along with their remote IP address and horde or domain name, custom (UDP or TCP), a tie form (HTTP, HTTPS, IMAP, POP3 and others) and a lot more.
There’s a lot of fact here, yet if it’s some-more than we need, click View Choose Columns and transparent a checkboxes for anything we don’t wish to see.
Watch internet activity in genuine time
To get started, leave SmartSniff regulating for a few mins and see usually how most network activity your PC has going on in a background.
We sealed all browsers on a exam system, set SmartSniff running, and in 10 mins it prisoner 5,600+ packets opposite 165 ‘conversations’ (separate exchanges between a routine on a PC and a network or internet resource.)
Scrolling by a list gave us some-more of a feel for what’s happening. We saw a lot of conversations with remote websites, yet that’s usually a start. Our exam laptop had Outlook installed, and SmartSniff prisoner IMAP exchanges, POP3 and more.
You’ve substantially not downloaded SmartSniff usually to count packets, though. What’s some-more engaging is reckoning out what all this activity means, what’s unequivocally going on. And SmartSniff has some accessible collection to help.
What’s regulating your connection… and why?
SmartSniff can’t associate network trade with a process, so you’re not means to see that focus is obliged for any sold internet activity. But it does give we several ways to figure out some-more of what’s going on.
Scroll down SmartSniff’s constraint list and check a domains in a ‘Remote Host’ mainstay for anything we recognise. Our exam laptop spasmodic attempted to entrance ‘kck3hlb9.dashlane.com’, for instance, yet as we had a glorious cue manager Dashlane installed, that wasn’t a surprise.
Don’t commend a domain? Search for it during Google. We’ve found one complement communicating with a oddly-named ‘zwyr157wwiu6eior.com’, for instance. Malware? Nope, a discerning hunt told us it’s an wholly legit NordVPN server.
Windows 10, Microsoft Edge and Office frequently try to entrance several Microsoft servers, mostly since they’re promulgation so most information about how you’re regulating your PC. You’ll fast learn to commend those from accesses to domain names finale microsoft.com, windows.com, office.com, msedge.net, akamaiedge.net, azure.com, live.com, live.com.akadns.net and similar.
Look inside network packets
SmartSniff doesn’t usually uncover we a source and end IPs of any network activity. It also logs a calm of any packet, that competence assistance we figure out what has done a network connection, and why.
To try this out, click a network movement in a categorical SmartSniff list, and demeanour during a calm in a reduce pane. Sometimes this is plain text, for instance if an app has accessed website HTML code. Binary transmissions are generally unreadable, yet spasmodic we competence see recognizable text.
For example, one of a exam complement packets was mostly binary, yet also enclosed a URL svpnapi.safesoftware.net. A discerning Google hunt told us this was a Webroot Wi-Fi Security-connected server, that told us a tie was done by a Webroot Wi-Fi Security VPN installation.
There are copiousness of other elementary ways to analyse your system’s activity. Click a Total Size mainstay header and SmartSniff sorts your connectors by sum information transfer, for instance, highlighting all holding a largest punch of your bandwidth.
SmartSniff options and settings
Although SmartSniff works good with a customary settings, there are some other options and collection that competence urge your traffic-capturing life.
Leave a module regulating for a while and it competence constraint thousands of conversations, for instance, withdrawal we with approach too most scrolling to find what we need. Add some constraint or arrangement filters, though, and we can tell SmartSniff to arrangement usually trade to a sold IP address, or regulating a specific port, or one of many other options. Check a NirSoft site for examples.
There’s a warn additional in an Extract HTTP files underline that allows we to save files stored in a prisoner streams. This usually worked some of a time for us, yet hey, SmartSniff is freeware, we’re not complaining.
You can save a prisoner packets and reload them later, too, accessible if we need to analyse trade over time.
Although SmartSniff competence not be utterly as modernized as identical web monitoring collection such as Wireshark. Experts who like to tweak each low-level fact should check out a Advanced Options page, too, where there are all kinds of settings to conclude what SmartSniff captures and how it’s displayed.
SmartSniff is still comparatively basic, as constraint collection go (check out a traffic capturing guide for other options.) But it’s also easy to use, effective, configurable, unstable and free, and that’s some-more than good adequate for us.