A new era of network sniffing has begun...Network Monitor 3.0

A new era of network sniffing has begun at Microsoft with the soon to be released Network Monitor 3.0. So, it seems appropriate that we create a Network Monitor Blog site to accompany it. [So this is what a Blog feels like, nice!]

The Essentials

Microsoft Network Monitor 3.0 Beta 2, where is it?

We currently have a Beta version of Network Monitor 3.0 available on our Microsoft Connects site (https://connect.microsoft.com), you'll need a passport account. Select "Available Connections" and look for Network Monitor 3.0. Once you sign up, it will appear in your "My Participation" section. Feel free to download, provide feedback, and use the newsgroups.

Microsoft Network Monitor 3.0 Beta 2, what is it?

N

etwork Monitor 3.0 is a total overhaul of our previous Netmon2.x program. We actually threw out everything and started from scratch. This has produced a much easier and safer way to analyze network traffic.. DLLs for parsers have the inherent problem of overruns, which pose security risks. All of our parsers are based on editable scripts, (Netmon Parsing Language or NPL), which define how protocols are parsed. Nearly 200 of these scripts are included in the beta release and the list keeps growing.  Users can easily review and modify these protocol definitions to add their own protocols or update our definitions as they see fit.

Key features of Microsoft Network Monitor 3.0 include:

  • A completely new user interface
  • New powerful filtering
  • Real time capture and display of frames
  • Simultaneous capture on multiple network adapters
  •  Multiple simultaneous capture sessions
  • Network conversations and a tree view displaying frames by conversation
  • A new script-based protocol parser language, and script-based parsers
  • Support for Vista/Windows XP/Windows Server 2003
  • Support for 32bit and 64bit platforms

Who Am I?

My name is Paul Long, and I’ve worked for Microsoft for the last 15 years. Most of my career has been spent in our support organization, and primarily supporting the OS platforms with the Critical Problem Resolution group (CPR). Networking has been my specialty for the last 4 years, though I’ve been involved with networking at many different times in my career. My first job was installing Novell back in the day, and then again with Microsoft’s introduction of Windows for Workgroups 3.1. It was at this time I discovered what a sniffer was, and at that time it was a hunk of a portable (30 lbs Compaq I think), created by Data General. And now my life evolves around Network Monitor 3.0 and its upcoming incarnations.

What is this Blog all about?

The main focus of this Blog is to discuss the features of Network Monitor 3.0 and future versions. This includes how the GUI works, using filters, as well as how NPL works. But I also want to talk about trouble shooting network problems in general and discuss how to apply the features we have in Netmon3.0 towards finding and fixing networking issues.

Comments

  • Anonymous
    January 01, 2003
    If so, then you are probably familiar with Ethereal (now WireShark ) for packet monitoring. If you haven't

  • Anonymous
    January 01, 2003
    thanks