Do you really know what happens when we connect our Windows PC to the Internet? Which of the applications are connecting to which of the remote servers or websites? Which network interface is being used for a particular protocol? In order to find out the full real-time details of network activities on your Windows PC, you can make use of a tool called NetworkMiner.
NetworkMiner is a forensic analysis tool that can analyze and display all the network related information in easy to read format. It intercepts network packets and identifies them before displaying them in a tabular format. All the information is displayed in real-time. In this way, we are able to collect data on open ports, host operating system, network interfaces, DNS requests, networking sessions and much more.
In addition to intercepting the usual TCP/UDP traffic, this tool allows you to intercept files and certificates transmitted over the network. For the forensic analysis, these two are very important as it further allows us to save documents of many types, including audio, video or images.
For all the hosts that have been connected to a remote network, it displaty the IP address, MAC, NIC vendor, operating system being used, TTL, TCP ports being used and more.
The user interface of NetworkMiner is very minimalist. Everything is contained inside a small window while making all the information and settings easily accessible. The application also allows drag-n-drop interface which makes it very easy to save and load the information or files.
NetworkMiner definitely provides much more information than some other popular network monitoring tools such as TCPView. It is designed to be used by experienced users who have some basic knowledge about how networking works and what kind of information is tranmitted using all the various protocols such as SMTP, POP3, TCP, UDP etc.
You can download NetworkMiner from https://www.netresec.com/?page=NetworkMiner.