Monitoring your network can be a real pain. First and foremost, what tool should you use? Everyone you ask will give you a different answer. Each answer will reflect a different set of requirements and, in some cases, fill completely different needs. Here are the five network monitors I prefer, based on two criteria: They’re free (as in cost) and easy to use. You might not agree with the choices, but at the price point, you’d be hard pressed to find better solutions.
1. 5 Free, Dead-Easy IP Traffic Monitoring Tools
By Jack Wallen
Monitoring your network can be a real pain. First and foremost, what tool should you use?
Everyone you ask will give you a different answer. Each answer will reflect a different set of
requirements and, in some cases, fill completely different needs. Here are the five network
monitors I prefer, based on two criteria: They’re free (as in cost) and easy to use. You might not
agree with the choices, but at the price point, you’d be hard pressed to find better solutions.
1: Wireshark
Wireshark (Figure A) has always been my go-to monitor. When most other monitors fail to find
what I want, Wireshark doesn’t let me down. Wireshark is a cross-platform analyzer that does
deep inspection of hundreds of protocols. It does live capture and capture save (for offline
browsing), which can be viewed in GUI or tty mode. Wireshark also does VoIP analysis and can
read/write many capture formats (tcpdump, Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog,
Microsoft Network Monitor, and many more).
Figure A
2. 2: Angry IP Scanner
Angry IP Scanner (Figure B) is one of the easiest to use of all the IP scanners. It has a user-
friendly GUI that can scan IP addresses (and their ports) in any range. Angry IP Scanner is cross
platform and doesn’t require installation, so you can use it as a portable scanner. It can get
NetBIOS information, favorite IP address range, Web server detection, customizable openers, and
much more. This little scanner makes use of mutlithreads, so it’s going to be fairly fast. Source
code is available on the download page.
Figure B
3. 3: Zenmap
Zenmap (Figure C) is a graphical front end to the cross-platform Nmap tool. Nmap can scan huge
networks, is portable, free, and well documented. It’s one of the most powerful IP traffic monitors,
but that power comes with a price: complexity. Zenmap takes Nmap and makes it more accessible
to users who prefer to avoid the command line. That does not mean Zenmap is the easiest of the
lot. You still need to use some commands. But Zenmap offers a powerful wizard-like tool to help
you through the process.
Figure C
4. 4: Colasoft Capsa Free
If you’re an admin used to more Windows-like tools, Capsa Free (Figure D) might be the perfect
tool for you. There are actually two versions of Capsa: paid and free. The free version should be
enough in most cases. It provides an easy-to-use dashboard you can use to create various types of
captures. Capsa Free also offers plenty of alarm configurations so you can be alerted when
something occurs. And it can capture more than 300 network protocols, so you won’t be missing
out on anything with this free tool.
Figure D
5. 5: EtherApe
EtherApe is a Linux-only tool and is molded after the classic etherman monitor. It’s unique in that
it offers an easy-to-use mapping of IP traffic on your network. It does this in real time and gives
you a clear picture of the overall look of your network traffic. You can create filters (using pcap
syntax) to make reading the map easier. As you can see in Figure E, a busy network can get rather
challenging to read. EtherApe will display both the node and link color with the most-used
protocol so it’s easier to take a quick glance, even on a busy network.
Figure E
6. Recommend Office .NET/Silverlight Component:
Spire.XLS for .NET and Silverlight
Spire.Office for .NET and Silverlight
Spire.Doc for .NET and Silverlight
Spire.PDF for .NET
Spire.DataExport for .NET