We are writing a simple sniffer for Windows. Sniffer - what kind of beast is a local network sniffer?

A sniffer is another name for a traffic analyzer: a program or hardware device that intercepts and then analyzes network traffic. These programs currently have entirely legitimate uses and are therefore widely used on the Internet, but they can be used both for good and for harm.

The history of their origin goes back to the 90s, when hackers using such software could easily capture a user’s login and password, which at that time were very weakly encrypted.

The word sniffer comes from the English verb "to sniff". The principle of operation is that this program registers and analyzes programs that are installed on machines that transmit information packets. For the information reading operation to be effective, it must be located close to the main PC.

Programmers use this application for traffic analysis; hackers on the network pursue other goals: they track down passwords or other information they need.

Types of traffic analyzers

Sniffers vary in type; they can be online applets or applications installed directly on a computer, which in turn are divided into hardware and software-hardware.

Most often they are used to intercept passwords; in this case the application gains access to the codes of encrypted information. This can cause enormous inconvenience to the user, since the same password is often set for several programs or sites, which ultimately leads to the loss of access to necessary resources.

There is a type of sniffing that is used to intercept a snapshot of RAM, since it is difficult to read the information constantly without using up the processor power. A spy can be detected by monitoring the maximum file load of the PC during operation.

Another type of program works with a large data transmission channel, and the pest can generate up to 10 megabyte protocols every day.

How it works

Analyzers work only with TCP/IP protocols; such programs require a wired connection, for example, routers that distribute the Internet. Data is transferred in separate packets, which are reassembled into a single whole when they reach their destination. Analyzers are also capable of intercepting packets at any stage of transmission and obtaining valuable information in the form of unprotected passwords along with it. In any case, with the help of decryption programs it is possible to obtain the key even to a protected password.

The easiest way to use WiFi sniffers is in networks with weak protection - in cafes, public places, etc.

Providers using these programs can track unauthorized access to external system addresses.

How to protect yourself from sniffers

To understand that someone has penetrated the local network, first of all you should pay attention to the packet download speed: if it is significantly lower than stated, this should alert you. You can monitor your computer's performance using the Task Manager. You can use special utilities, but they most often conflict with the Windows firewall, so it is better to disable it for a while.

For system administrators, checking and searching for traffic analyzers on the local network is a necessary step. To detect malicious applications, you can use well-known network antiviruses, such as Doctor Web or Kaspersky Anti-Virus, which allow you to detect pests both on remote hosts and directly within the local network.

In addition to special applications that are simply installed on your computer, you can use more complex passwords and cryptographic systems. Cryptographic systems work directly with information, encrypting it using an electronic signature.

Application overview and main features

CommView

CommView decodes packets of transmitted information and displays statistics of the protocols used in the form of diagrams. The traffic sniffer allows you to analyze IP packets, and only those that are needed. This sniffer for Windows works with known protocols: HTTP, HTTPS, DHCP, DDNH, DIAG, POP3, TCP, WAP, etc. CommView works with Ethernet modems, Wi-Fi and others. Packets are captured through an established connection using the "Current IP connections" tab, where you can create address aliases.

The "Packages" tab displays information about packets, and they can be copied to the clipboard.

The "LOG files" tab allows you to view packets in NCF format.

The "Rules" tab: here you can set the conditions for packet interception. Sections of this tab: IP addresses, MAC addresses, Ports, Process, Formulas and Individual parameters.

The "Warning" tab provides for setting up notifications on the local network; it operates using the "Add" button. Here you can set conditions and event types:

  • "Packets per second" - when the network load level is exceeded.
  • “Bytes per second” - when the data transmission frequency is exceeded.
  • “Unknown address”, i.e. detection of unauthorized connections.

The "View" tab: traffic statistics are shown here.

CommView is compatible with Windows 98, 2000, XP, 2003. An Ethernet adapter is required to use the application.

Advantages: user-friendly interface in Russian, supports common types of network adapters, statistics are visualized. The only downside is the high price.

Spynet

Spynet performs the functions of decoding packets and intercepting them. With its help, you can recreate the pages that the user visited. It consists of two programs, CaptureNet and PipeNet. It is convenient to use on a local network. CaptureNet scans data packets, and the second program monitors the process.

The interface is quite simple:

  • The Modify Filter button: setting up filters.
  • The Layer 2,3 button: installs Flame – IP protocols; Layer 3 – TCP.
  • The Pattern Matching button searches for packets with the specified parameters.
  • The IP Addresses button allows you to scan the necessary IP addresses that transmit information of interest (options 1-2, 2-1, 2=1). In the latter case, all traffic.
  • The Ports button, i.e. selection of ports.

To intercept data, you must run the Capture Start program, i.e., the data interception process starts. The file with the saved information is copied only after the Stop command, i.e., termination of the capture actions.

The advantage of Spynet is the ability to decode web pages that the user has visited. The program can also be downloaded for free, although it is quite difficult to find. The disadvantages include a small set of features in Windows. Works in Windows XP, Vista.

BUTTSniffer

BUTTSniffer analyzes network packets directly. The principle of operation is the interception of transmitted data, as well as the ability to automatically save it on a medium, which is very convenient. This program is launched via the command line. There are also filter options. The program consists of BUTTSniff.exe and BUTTSniff.dll.

Significant disadvantages of BUTTSniffer include unstable operation, frequent crashes, even crashing the OS (blue screen of death).

In addition to these sniffer programs, there are many other equally well-known ones: WinDump, dsniff, NatasX, NetXRay, CooperSniffer, LanExplorter, Ne Analyzer.

There are also online sniffers, which, in addition to obtaining the victim's IP address, change the IP address of the attacker directly. That is, the hacker first registers under an IP address and sends to the victim's computer a picture that needs to be downloaded or an email that just needs to be opened. After this, the hacker receives all the necessary data.

It is worth recalling that interfering with the data of someone else's computer is a criminal offense.

Network packet analyzers, or sniffers, were originally developed as a means of solving network problems. They are able to intercept, interpret and store packets transmitted over the network for subsequent analysis. On the one hand, this allows system administrators and technical support engineers to observe how data is transferred over the network, diagnose and fix problems that arise. In this sense, packet sniffers are a powerful tool for diagnosing network problems. On the other hand, like many other powerful tools that were originally intended for administration, over time, sniffers began to be used for completely different purposes. Indeed, a sniffer in the hands of an attacker is a rather dangerous tool and can be used to obtain passwords and other confidential information. However, you should not think that sniffers are some kind of magical tool through which any hacker can easily view confidential information transmitted over the network. And before we prove that the danger posed by sniffers is not as great as is often presented, let us consider in more detail the principles of their functioning.

Operating principles of packet sniffers

Further in this article we will consider only software sniffers designed for Ethernet networks. A sniffer is a program that operates at the level of the network adapter, or NIC (Network Interface Card), that is, at the link layer, and secretly intercepts all traffic. Because sniffers operate at the data link layer of the OSI model, they do not have to play by the rules of higher-layer protocols. Sniffers bypass the filtering mechanisms (addresses, ports, etc.) that Ethernet drivers and the TCP/IP stack use to interpret data. Packet sniffers capture from the wire everything that comes through it. Sniffers can store frames in binary format and later decode them to reveal higher-level information hidden inside (Figure 1).

In order for the sniffer to capture all packets passing through the network adapter, the network adapter driver must support promiscuous mode. It is in this mode of operation of the network adapter that the sniffer is able to intercept all packets. This mode of operation of the network adapter is automatically activated when the sniffer is launched or is set manually by the corresponding sniffer settings.

All intercepted traffic is passed to a packet decoder, which identifies and splits packets into the appropriate hierarchy levels. Depending on the capabilities of a particular sniffer, the provided packet information can subsequently be further analyzed and filtered.
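The decoding step described above, as an added example that is not part of the original article: a minimal decoder that splits one Ethernet II frame into its link, network and transport layers. The sample frame, its addresses and the function names are constructed for the illustration.

```python
import socket
import struct

TCP_FLAG_BITS = [("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
                 ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20)]


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def decode_frame(frame):
    """Split one Ethernet II frame into link, network and transport layers."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"eth": {"dst": mac_str(dst), "src": mac_str(src), "type": ethertype}}
    if ethertype != 0x0800:            # not IPv4: stop at the link layer
        out["payload"] = frame[14:]
        return out

    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    if version != 4 or ihl < 20 or not ihl <= total_len <= len(ip):
        raise ValueError("malformed IPv4 header")
    out["ip"] = {"src": socket.inet_ntoa(ip[12:16]),
                 "dst": socket.inet_ntoa(ip[16:20]),
                 "ttl": ip[8], "proto": ip[9]}
    # Ethernet pads short frames to 60 bytes, so cut at the IP total length
    segment = ip[ihl:total_len]

    if ip[9] == 6:                     # TCP
        if len(segment) < 20:
            raise ValueError("truncated TCP header")
        sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", segment[:14])
        data_off = (off_flags >> 12) * 4
        if data_off < 20 or data_off > len(segment):
            raise ValueError("bad TCP data offset")
        out["tcp"] = {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
                      "flags": [n for n, bit in TCP_FLAG_BITS if off_flags & bit]}
        out["payload"] = segment[data_off:]
    elif ip[9] == 17:                  # UDP
        if len(segment) < 8:
            raise ValueError("truncated UDP header")
        sport, dport, ulen = struct.unpack("!HHH", segment[:6])
        out["udp"] = {"sport": sport, "dport": dport}
        out["payload"] = segment[8:max(8, ulen)]
    else:
        out["payload"] = segment
    return out


def build_sample_frame():
    """Constructed test frame: TCP PSH+ACK carrying b'PING', padded to 60 bytes."""
    payload = b"PING"
    eth = struct.pack("!6s6sH", bytes.fromhex("020000000002"),
                      bytes.fromhex("020000000001"), 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + 20 + len(payload), 1, 0,
                     64, 6, 0,         # checksum left 0: the decoder does not verify it
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.7"))
    tcp = struct.pack("!HHIIHHHH", 40000, 8088, 1000, 2000,
                      (5 << 12) | 0x18, 65535, 0, 0)
    frame = eth + ip + tcp + payload
    return frame + b"\x00" * (60 - len(frame))   # link-layer padding


if __name__ == "__main__":
    for layer, fields in decode_frame(build_sample_frame()).items():
        print(layer, fields)
```

Checksums and IP fragmentation are deliberately not handled; a real analyzer verifies the former and reassembles the latter before decoding the transport layer.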

Limitations of using sniffers

Sniffers posed the greatest danger in those days when information was transmitted over the network in clear text (without encryption), and local networks were built on the basis of concentrators (hubs). However, these days are irrevocably gone, and nowadays using sniffers to gain access to confidential information is by no means an easy task.

The fact is that in local networks built on hubs there is a common data transmission medium (the network cable), and all network nodes exchange packets while competing for access to this medium (Fig. 2). A packet sent by one network node is transmitted to all ports of the hub and is heard by all other nodes on the network, but only the node to which it is addressed accepts it. Consequently, if a packet sniffer is installed on one of the network nodes, it can intercept all network packets in that network segment (the network formed by the hub).

Switches are more intelligent devices than broadcast hubs and isolate network traffic. The switch knows the addresses of the devices connected to each port and transmits packets only between the necessary ports. This allows you to offload other ports without having to forward every packet to them, as a hub does. Thus, a packet sent by a certain network node is transmitted only to the switch port to which the packet recipient is connected, and all other network nodes are not able to detect this packet (Fig. 3).
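The difference between the two devices, as an added example that is not part of the original article: a small simulation of a hub and a learning switch that reports which frames reach a port where a sniffer is listening. Port numbers, MAC addresses and the frame list are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Repeats every frame to all ports except the one it arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learns which MAC address sits behind which port and forwards selectively."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}                      # MAC address -> port

    def forward(self, in_port, src, dst):
        self.table[src] = in_port            # learn the sender's location
        out_port = self.table.get(dst)
        if dst == BROADCAST or out_port is None:
            # broadcast, or destination not learned yet: flood like a hub
            return [p for p in self.ports if p != in_port]
        return [] if out_port == in_port else [out_port]


def frames_seen(device, frames, sniffer_port):
    """Indexes of the frames that are delivered to the sniffer's port."""
    seen = []
    for index, (in_port, src, dst) in enumerate(frames):
        if sniffer_port in device.forward(in_port, src, dst):
            seen.append(index)
    return seen


# Constructed traffic: host A on port 1 talks to host B on port 2,
# the sniffer sits on port 3 and sends nothing.
A, B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
FRAMES = [
    (1, A, B),           # 0: first frame, B's port not learned yet
    (2, B, A),           # 1: reply
    (1, A, B),           # 2
    (2, B, A),           # 3
    (1, A, BROADCAST),   # 4: a broadcast such as an ARP request
]

if __name__ == "__main__":
    print("hub   :", frames_seen(Hub([1, 2, 3]), FRAMES, 3))
    print("switch:", frames_seen(Switch([1, 2, 3]), FRAMES, 3))
```

On the switch the sniffer's port still receives broadcasts and any frame sent before the destination address has been learned, so isolation applies to established unicast conversations rather than to every frame.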

Therefore, if the network is built on the basis of a switch, then a sniffer installed on one of the network computers is capable of intercepting only those packets that are exchanged between this computer and other network nodes. As a result, in order to be able to intercept packets that the computer or server of interest to the attacker exchanges with other network nodes, it is necessary to install a sniffer on this particular computer (server), which is actually not so simple. However, you should keep in mind that some packet sniffers are launched from the command line and may not have a graphical interface. Such sniffers, in principle, can be installed and launched remotely and unnoticed by the user.

Additionally, you should also keep in mind that while switches isolate network traffic, all managed switches have port forwarding or port mirroring functionality. That is, the switch port can be configured in such a way that all packets arriving on other switch ports are duplicated on it. If in this case a computer with a packet sniffer is connected to such a port, then it can intercept all packets exchanged between computers on a given network segment. However, as a rule, the ability to configure the switch is available only to the network administrator. This, of course, does not mean that he cannot be an attacker, but a network administrator has many other ways to control all users of the local network, and it is unlikely that he will monitor you in such a sophisticated way.

Another reason why sniffers are no longer as dangerous as they once were is that most sensitive data is now transmitted encrypted. Open, unencrypted services are rapidly disappearing from the Internet. For example, when visiting websites, the SSL (Secure Sockets Layer) protocol is increasingly used; SFTP (Secure FTP) is used instead of open FTP, and virtual private networks (VPNs) are increasingly used for other services that do not use encryption by default.

So, those concerned about the potential for malicious use of packet sniffers should keep the following in mind. First, to pose a serious threat to your network, sniffers must be located within the network itself. Secondly, today's encryption standards make it extremely difficult to intercept sensitive information. Therefore, at present, packet sniffers are gradually losing their relevance as hacker tools, but at the same time they remain an effective and powerful tool for diagnosing networks. Moreover, sniffers can be successfully used not only for diagnosing and localizing network problems, but also for auditing network security. In particular, the use of packet analyzers allows you to detect unauthorized traffic, detect and identify unauthorized software, identify unused protocols to remove them from the network, generate traffic for penetration testing in order to check the security system, and work with intrusion detection systems (Intrusion Detection System, IDS).

Overview of software packet sniffers

All software sniffers can be divided into two categories: sniffers that support launch from the command line, and sniffers that have a graphical interface. However, we note that there are sniffers that combine both of these capabilities. In addition, sniffers differ from each other in the protocols they support, the depth of analysis of intercepted packets, the ability to configure filters, and the possibility of compatibility with other programs.

Typically, the window of any sniffer with a graphical interface consists of three areas. The first of them displays the summary data of intercepted packets. Typically, this area displays a minimum of fields, namely: packet interception time; IP addresses of the packet sender and recipient; MAC addresses of the sender and recipient of the packet; source and destination port addresses; protocol type (network, transport or application layer); some summary information about the intercepted data. The second area displays statistical information about the individual selected packet, and finally the third area displays the packet in hexadecimal or ASCII character form.

Almost all packet sniffers allow you to analyze decoded packets (which is why packet sniffers are also called packet analyzers, or protocol analyzers). The sniffer distributes intercepted packets across layers and protocols. Some packet sniffers are capable of recognizing the protocol and displaying the captured information. This type of information is usually displayed in the second area of the sniffer window. For example, any sniffer can recognize the TCP protocol, and advanced sniffers can determine which application generated this traffic. Most protocol analyzers recognize over 500 different protocols and can describe and decode them by name. The more information a sniffer can decode and display on the screen, the less will have to be decoded manually.

One problem that packet sniffers may encounter is the inability to correctly identify a protocol using a port other than the default port. For example, to improve security, some well-known applications may be configured to use ports other than the default ports. So, instead of the traditional port 80, reserved for the web server, this server can be forcibly reconfigured to port 8088 or any other. Some packet analyzers in this situation are not able to correctly determine the protocol and display only information about the lower-level protocol (TCP or UDP).
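The identification problem described above, as an added example that is not part of the original article: a classifier that compares what the server port suggests with what the first payload bytes show, and flags disagreements. The port table, the signature list and the sample flows are constructed and cover only a handful of protocols.

```python
WELL_KNOWN_PORTS = {21: "ftp", 22: "ssh", 23: "telnet", 25: "smtp",
                    80: "http", 110: "pop3", 443: "tls"}
HTTP_STARTS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
               b"OPTIONS ", b"HTTP/1.")


def guess_by_port(port):
    """What an analyzer that trusts port numbers alone would report."""
    return WELL_KNOWN_PORTS.get(port, "unknown")


def guess_by_payload(data):
    """Identify the application protocol from the first bytes of a stream."""
    if data.startswith(HTTP_STARTS):
        return "http"
    if data.startswith((b"SSH-2.0-", b"SSH-1.")):
        return "ssh"
    # TLS record header: type 0x16 (handshake), major version 3,
    # then a handshake message of type 1 (ClientHello) or 2 (ServerHello)
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] in (1, 2):
        return "tls"
    if data.startswith(b"+OK"):
        return "pop3"
    if data.startswith((b"220 ", b"220-")):
        # FTP and SMTP share reply code 220; look at the banner text
        banner = data.split(b"\r\n", 1)[0].upper()
        if b"SMTP" in banner:
            return "smtp"
        if b"FTP" in banner:
            return "ftp"
    return "unknown"


def classify(server_port, first_bytes):
    by_port = guess_by_port(server_port)
    by_data = guess_by_payload(first_bytes)
    return {
        "port": server_port,
        "by_port": by_port,
        "by_payload": by_data,
        # payload evidence wins; the port is only a fallback
        "protocol": by_data if by_data != "unknown" else by_port,
        # both methods gave an answer and the answers differ
        "mismatch": "unknown" not in (by_port, by_data) and by_port != by_data,
    }


# Constructed first bytes of five flows (server port, payload)
SAMPLE_FLOWS = [
    (8088, b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n"),
    (443, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (443, bytes.fromhex("16030100c8010000c40303")),
    (2121, b"220 ProFTPD Server ready\r\n"),
    (9999, b"\x00\x01\x02\x03"),
]

if __name__ == "__main__":
    for port, data in SAMPLE_FLOWS:
        print(classify(port, data))
```

The web server moved to port 8088 is still reported as HTTP, and a flow whose port and payload disagree is marked with `mismatch`, which is worth a second look during a traffic audit.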

There are software sniffers that come with software analytical modules as plugins or built-in modules that allow you to create reports with useful analytical information about intercepted traffic.

Another characteristic feature of most packet analyzer software is the ability to configure filters before and after traffic is captured. Filters select certain packets from the general traffic according to a given criterion, which allows you to get rid of unnecessary information when analyzing traffic.

Sniffers are programs that intercept all network traffic. Sniffers are useful for network diagnostics (for administrators) and for intercepting passwords (it's clear for whom :)). For example, if you have access to one network machine and installed a sniffer there, then soon all the passwords from its subnet will be yours. Sniffers put the network card into listening mode (PROMISC), that is, it receives all packets. Locally you can intercept all packets sent from all machines (if you are not separated by any hubs), since broadcasting is practiced there. Sniffers can intercept all packets (which is very inconvenient, since the log file fills up terribly quickly, but it is perfect for a more detailed network analysis) or only the first bytes of all sorts of ftp, telnet, pop3, etc. sessions (this is the fun part: usually the first 100 bytes or so contain the username and password :)). There are a great many sniffers now... They exist for both Unix and Windows (there is even one for DOS :)). Sniffers can support only a specific OS (for example linux_sniffer.c, which supports Linux :)), or several (for example Sniffit, which works with BSD, Linux and Solaris). Sniffers have multiplied so much because passwords are transmitted over the network in clear text. There are many such services: telnet, ftp, pop3, www, etc. A lot of people use these services :). After the sniffer boom, various encryption algorithms for these protocols began to appear. SSH appeared (an alternative to telnet that supports encryption), as did SSL (Secure Socket Layer, a Netscape development that can encrypt a www session), all sorts of Kerberos, and VPN (Virtual Private Network). Various tools such as AntiSniff and ifstatus came into use. But this has not fundamentally changed the situation. Services that transmit passwords in plain text are still used to the fullest :). Therefore, sniffing will go on for a long time :).

Windows sniffer implementations

linsniffer
This is a simple sniffer for intercepting logins/passwords. Standard compilation (gcc -o linsniffer linsniffer.c). Logs are written to tcp.log.

linux_sniffer
Linux_sniffer is needed when you want to study the network in detail. Standard compilation. It outputs all sorts of extra crap, like isn, ack, syn, echo_request (ping), etc.

Sniffit
Sniffit is an advanced sniffer written by Brecht Claerhout. Install (needs libpcap):
#./configure
#make
Now let's launch the sniffer:
#./sniffit
usage: ./sniffit [-xdabvnN] [-P proto] [-A char] [-p port] [(-r|-R) recordfile]
[-l sniflen] [-L logparam] [-F snifdevice] [-M plugin]
[-D tty] (-t | -s ) | (-i|-I) | -c ]
Plugins Available:
0 -- Dummy Plugin
1 -- DNS Plugin

As you can see, sniffit supports many options. You can use the sniffer interactively. Although Sniffit is quite a useful program, I don't use it. Why? Because Sniffit has big security problems. A remote root and a DoS have already been released for Sniffit for Linux and Debian! Not every sniffer allows itself to do this :).

HUNT
This is my favorite sniffer. It is very easy to use, supports a lot of cool features and currently has no security problems. Plus, it is not very demanding of libraries (like linsniffer and Linux_sniffer). It can intercept current connections in real time and clean dump from a remote terminal. In general, Hijack rulezzz :). I recommend it to everyone for enhanced use :).
Install:
#make
Run:
#hunt -i

READSMB
The READSMB sniffer is cut from L0phtCrack and ported to Unix (oddly enough :)). Readsmb intercepts SMB packets.

TCPDUMP
tcpdump is a fairly well-known packet analyzer, written by an even more famous person: Van Jacobson, who invented VJ compression for PPP and wrote the traceroute program (and who knows what else?). Requires the Libpcap library.
Install:
#./configure
#make
Now let's launch it:
#tcpdump
tcpdump: listening on ppp0
All your connections are displayed on the terminal. Here is an example of the output for a ping of ftp.technotronic.com:

02:03:08.918959 195.170.212.151.1039 > 195.170.212.77.domain: 60946+ A? ftp.technotronic.com. (38)
02:03:09.456780 195.170.212.77.domain > 195.170.212.151.1039: 60946* 1/3/3 (165)
02:03:09.459421 195.170.212.151 > 209.100.46.7: icmp: echo request
02:03:09.996780 209.100.46.7 > 195.170.212.151: icmp: echo reply
02:03:10.456864 195.170.212.151 > 209.100.46.7: icmp: echo request
02:03:10.906779 209.100.46.7 > 195.170.212.151: icmp: echo reply
02:03:11.456846 195.170.212.151 > 209.100.46.7: icmp: echo request
02:03:11.966786 209.100.46.7 > 195.170.212.151: icmp: echo reply

In general, the sniffer is useful for debugging networks, troubleshooting, etc.

Dsniff
Dsniff requires libpcap, libnet, libnids and OpenSSH. It records only the commands entered, which is very convenient. Here is an example of a connection log on unix-shells.com:

02/18/01 03:58:04 tcp my.ip.1501 -> handi4-145-253-158-170.arcor-ip.net.23 (telnet)
stalsen
asdqwe123
ls
pwd
who
last
exit

Here dsniff intercepted the login and password (stalsen/asdqwe123).
Install:
#./configure
#make
#make install
Protection against sniffers

The surest way to protect against sniffers is to use ENCRYPTION (SSH, Kerberos, VPN, S/Key, S/MIME, SHTTP, SSL, etc.). But what if you don't want to give up plain text services and install additional packages :)? Then it's time to use anti-sniffer packages...

AntiSniff for Windows
This product was released by the famous group L0pht. It was the first product of its kind. AntiSniff, as stated in the description: "AntiSniff is a Graphical User Interface (GUI) driven tool for detecting promiscuous Network Interface Cards (NICs) on your local network segment". In general, it catches cards in promisc mode. It supports a huge number of tests (DNS test, ARP test, Ping Test, ICMP Time Delta Test, Echo Test, PingDrop test). It can scan a single machine or a whole network. There is log support. AntiSniff works on win95/98/NT/2000, although the NT platform is recommended. But its reign was short-lived, and soon a sniffer called AntiAntiSniffer appeared :), written by Mike Perry (you can find it at www.void.ru/news/9908/snoof.txt). It is based on LinSniffer (discussed below).

Unix sniffer detect:
A sniffer can be found with the command:

#ifconfig -a
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:2373 errors:0 dropped:0 overruns:0 frame:0
TX packets:2373 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0

ppp0 Link encap:Point-to-Point Protocol
inet addr:195.170.y.x P-t-P:195.170.y.x Mask:255.255.255.255
UP POINTOPOINT PROMISC RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:3281 errors:74 dropped:0 overruns:0 frame:74
TX packets:3398 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10

As you can see, the ppp0 interface is in PROMISC mode. Either the operator has loaded a sniffer to check the network, or they already have you... But remember that ifconfig can easily be spoofed, so use tripwire to detect changes, and all sorts of programs to check for sniffers.
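One way to cross-check the ifconfig result on Linux, as an added example that is not part of the original article: read the interface flags the kernel exposes under /sys/class/net and compare them with what ifconfig printed. The function names and the sample output (with documentation addresses) are constructed; the sysfs path and the IFF_PROMISC bit are Linux-specific.

```python
import os
import re

IFF_PROMISC = 0x100   # interface flag bit from <linux/if.h>

# Constructed sample modelled on the ifconfig output shown above
SAMPLE_IFCONFIG = """\
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1

ppp0      Link encap:Point-to-Point Protocol
          inet addr:192.0.2.1  P-t-P:192.0.2.2  Mask:255.255.255.255
          UP POINTOPOINT PROMISC RUNNING NOARP MULTICAST  MTU:1500  Metric:1
"""


def parse_ifconfig(text):
    """Return {interface: True if ifconfig printed the PROMISC flag}."""
    result = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        if not block.strip():
            continue
        # old format: "ppp0  Link encap:..."; new format: "eth0: flags=..."
        name = block.split()[0].rstrip(":")
        result[name] = re.search(r"\bPROMISC\b", block) is not None
    return result


def promisc_from_sysfs(root="/sys/class/net"):
    """Return {interface: True if the kernel's flags word has IFF_PROMISC}."""
    result = {}
    for name in sorted(os.listdir(root)):
        try:
            with open(os.path.join(root, name, "flags")) as handle:
                flags = int(handle.read().strip(), 16)
        except (OSError, ValueError):
            continue                      # not an interface directory
        result[name] = bool(flags & IFF_PROMISC)
    return result


def hidden_promisc(ifconfig_view, kernel_view):
    """Interfaces the kernel reports as promiscuous but ifconfig did not."""
    return sorted(name for name, promisc in kernel_view.items()
                  if promisc and not ifconfig_view.get(name, False))


if __name__ == "__main__":
    print("ifconfig sample:", parse_ifconfig(SAMPLE_IFCONFIG))
    if os.path.isdir("/sys/class/net"):
        print("kernel view    :", promisc_from_sysfs())
```

An interface listed by `hidden_promisc` is either being captured on through a packet socket, which the ifconfig flags do not show, or the ifconfig binary has been tampered with. A kernel-level rootkit can falsify sysfs as well, so this complements file-integrity checks and the remote tests listed here rather than replacing them.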

AntiSniff for Unix.
Works on BSD, Solaris and Linux. Supports ping/icmp time test, arp test, echo test, dns test, etherping test; in general, an analogue of AntiSniff for Win, only for Unix :).
Install:
#make linux-all

Sentinel
Also a useful program for catching sniffers. Supports many tests. Easy to use.
Install:
#make
#./sentinel
./sentinel [-t ]
Methods:
[ -a ARP test ]
[ -d DNS test ]
[ -i ICMP Ping Latency test ]
[ -e ICMP Etherping test ]
Options:
[ -f ]
[ -v Show version and exit ]
[ -n ]
[ -I ]

The options are so simple that no comments are needed.

MORE

Here are a few more utilities to check your network (for Unix):
packetstorm.securify.com/UNIX/IDS/scanpromisc.c - remote PROMISC mode detector for ethernet cards (for red hat 5.x).
http://packetstorm.securify.com/UNIX/IDS/neped.c - Network Promiscuous Ethernet Detector (requires libcap & Glibc).
http://packetstorm.securify.com/Exploit_Code_Archive/promisc.c - scans system devices to detect sniffs.
http://packetstorm.securify.com/UNIX/IDS/ifstatus2.2.tar.gz - ifstatus tests network interfaces in PROMISC mode.

A sniffer is not always malicious. In fact, this type of software is often used to analyze network traffic in order to detect and eliminate anomalies and ensure smooth operation. However, the sniffer can be used with malicious intent. Sniffers analyze everything that passes through them, including unencrypted passwords and credentials, so hackers with access to the sniffer can obtain users' personal information. In addition, the sniffer can be installed on any computer connected to the local network, without the need to install it on the device itself - in other words, it cannot be detected during the entire connection time.

Where do sniffers come from?

Hackers use sniffers to steal valuable data by monitoring network activity and collecting personal information about users. Typically, attackers are most interested in user passwords and credentials to gain access to online banking and online store accounts. Most often, hackers install sniffers in places where unsecured Wi-Fi connections are distributed, for example, in cafes, hotels and airports. Sniffers can masquerade as a network-connected device in a so-called spoofing attack to steal valuable data.

How to recognize a sniffer?

Unauthorized sniffers are extremely difficult to recognize virtually, as they can be installed almost anywhere, posing a very serious threat to network security. Ordinary users often have no chance of recognizing that a sniffer is tracking their network traffic. It is theoretically possible to install your own sniffer that would monitor all DNS traffic for the presence of other sniffers, but for the average user it is much easier to install anti-sniffing software or an anti-virus solution that includes network activity protection to stop any unauthorized intrusion or hide your network activities.

How to remove a sniffer

You can use a highly effective antivirus to detect and remove all types of malware installed on your computer for sniffing purposes. However, to completely remove the sniffer from your computer, you must delete absolutely all folders and files related to it. It is also strongly recommended to use an antivirus with a network scanner, which will thoroughly check the local network for vulnerabilities and instruct on further actions if they are found.

How to avoid becoming a victim of a sniffer

  • Encrypt all information you send and receive
  • Scan your local network for vulnerabilities
  • Use only verified and secure Wi-Fi networks

Protect yourself from sniffers

The first thing a user can do to protect themselves from sniffers is to use a high-quality antivirus, like the free Avast antivirus, which is capable of thoroughly scanning the entire network for security problems. An additional and highly effective way to protect information from sniffing is to encrypt all data sent and received online, including e-mail. Avast SecureLine allows you to securely encrypt all data exchanges and perform online actions in 100% anonymity.

For Win2000 - Windows 10 (2019) (Server, x86, x64). Latest version: 4.4.17 build 424. April 24, 2019.

What is a serial port sniffer? It is a program that monitors the transfer of data by another program and, as it were, "wedges itself" between the serial interface and the program being studied. A serial port data interceptor allows you to study the operating features of your own or another program running in Windows. If the program you are studying is developed by you, then the serial port data interceptor turns into an RS232 interface debugger, which will allow you to track errors that occur during data exchange. The serial port data monitoring mode in our program is called "Observer" and is called up from the "Mode" menu in the main program window.

Switching to serial port data sniffer mode must be done BEFORE launching the program under study. If you do not do this, then subsequently the serial port sniffer will no longer be able to access the serial port and, accordingly, will not be able to perform its functions.

In serial port data interceptor mode, the program monitors all traffic, both transmitted and received. The sent data can be highlighted on the program screen. This feature can be enabled in the options on the "Other / Data Type" tab.

Our serial port data interceptor allows you to monitor data transmission on the screen in any form (hexadecimal, decimal or any other). This allows, without leaving the serial port data interceptor, to find repeating sequences of data blocks and identify patterns in the passage of data.

Another important feature of our serial port data interceptor is the ability to save sent and received data to a file for later analysis. The file generation mode of the serial port data interceptor is flexibly configured, which saves time when analyzing a large amount of data recorded by the program.

Our program is very easy to turn into a powerful and highly customizable data observer. To do this, just download and install the program. Then run the program. Select the "Observer" mode in the main menu "Mode". Then select a serial port from the list and click the "Open" button. Do not forget that this must be done before launching the program under study. And everything is in your hands - a universal tool for solving a wide range of problems.

Compared to other serial port sniffers, Advanced Serial Port Monitor has several unique features:

  • The serial port data interceptor provides the ability to run on the entire family of Windows operating systems, from Windows 2000 to Windows 10 x64;
  • The serial port data interceptor allows you to monitor data transmission on all serial ports installed in the system. The serial port number can range from 1 to 255;
  • A serial port sniffer gives you the ability to monitor the traffic being transmitted during a Dial-Up connection.

All the capabilities of the serial port data interceptor are implemented in our Advanced Serial Port Monitor program. Download the trial version now - it's fast and free!