Application to comfortably monitor your Internet traffic
Multithreaded, cross-platform, reliable
Graphical interface translated in:
๐
Help fund Sniffnet's development Sniffnet is a completely free, open-source software which needs your support to be developed and maintained.
If you appreciate Sniffnet, please consider donating: this is the only way for me to keep working on this project,
constantly improving and expanding it.
In scarcity of sponsors, I will be forced to quit my contributions to this project (sadly).
A special mention goes to these awesome organizations and folks who are sponsoring Sniffnet:
Installation
You can install Sniffnet in one of the following ways:
from GitHub releasesโ
You can install Sniffnet through the installers available in the latest release.
Choose from a Windows installer, a macOS disk image, a DEB package, or an RPM package (depending on your operating system).
Here for your convenience you can find the direct link to the downloads:
- Windows (13.1 MB)
- macOS (12.4 MB)
- Linux (DEB) (9.2 MB)
- Linux (RPM) (11.4 MB)
from Crates.ioโ
Follow this method only if you have Rust installed on your machine.
In this case, the application binary can be built and installed with:
cargo install sniffnet
Required dependencies
Depending on your operating system, you may need to install some dependencies to run Sniffnet:
Windows dependenciesโ
In order to correctly build and run Sniffnet on Windows systems you need to:
Linux dependenciesโ
- On Debian-based distributions:
libpcap-dev
libasound2-dev
libfontconfig1
- On RPM-based distributions:
libpcap-devel
alsa-lib-devel
fontconfig-devel
Note that if you are not running as root, you need to set capabilities to inspect a network adapter:
sudo setcap cap_net_raw,cap_net_admin=eip <your/Sniffnet/executable/path>
Alternatively you can run the app with sudo privileges:
sudo sniffnet
Features
๐ป choose a network adapter of your PC to inspect๐ท๏ธ select a set of filters to apply to the observed traffic๐ view overall statistics about your Internet traffic๐ view real-time charts about traffic intensity (bytes and packets per second, incoming and outgoing)๐ get details about domain names and network providers of the hosts you are exchanging traffic with๐ identify connections in your local network๐ get information about the country of the remote hosts (IP geolocation)โญ save your favorite network hosts๐ set custom notifications to inform you when defined network events occur๐จ choose the style that fits you the most from 4 different available themes๐ต๏ธ inspect each of your network connections in real time๐ save complete textual report with detailed information for each network connection:- source and destination IP addresses
- source and destination ports
- carried protocols
- amount of exchanged packets and bytes
- initial and final timestamp of information exchange
- ... and more!
IP geolocation and network providers (ASN)
See details
Geolocation and network providers (ASN) refer to the remote IP address of each connection, and they are retrieved performing lookups against MMDB files:
Note
The MMDB (MaxMind database) format has been developed especially for IP lookup.
It is optimized to perform lookups on data indexed by IP network ranges quickly and efficiently.
It permits the best performance on IP lookups, and it's suitable for use in a production environment.This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com
This file format potentially allows Sniffnet to execute different hundreds of IP lookups in a matter of a few milliseconds.
Supported application layer protocols
See details
Application layer protocols are inferred from the transport port numbers, following the convention maintained by IANA.
Please, remember that this is just a convention:
Warning
The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.
However, many unofficial uses of well-known port numbers occur in practice.
The following table reports the port-to-service mappings used by Sniffnet, chosen from the most common assignments by IANA.
Port number(s) | Application protocol | Description |
---|---|---|
20, 21 | FTP | File Transfer Protocol |
22 | SSH | Secure Shell |
23 | Telnet | Telnet |
25 | SMTP | Simple Mail Transfer Protocol |
49 | TACACS | Terminal Access Controller Access-Control System |
53 | DNS | Domain Name System |
67, 68 | DHCP | Dynamic Host Configuration Protocol |
69 | TFTP | Trivial File Transfer Protocol |
80, 8080 | HTTP | Hypertext Transfer Protocol |
109, 110 | POP | Post Office Protocol |
123 | NTP | Network Time Protocol |
137, 138, 139 | NetBIOS | NetBIOS |
143, 220 | IMAP | Internet Message Access Protocol |
161, 162, 199 | SNMP | Simple Network Management Protocol |
179 | BGP | Border Gateway Protocol |
389 | LDAP | Lightweight Directory Access Protocol |
443 | HTTPS | Hypertext Transfer Protocol over SSL/TLS |
636 | LDAPS | Lightweight Directory Access Protocol over TLS/SSL |
989, 990 | FTPS | File Transfer Protocol over TLS/SSL |
993 | IMAPS | Internet Message Access Protocol over TLS/SSL |
995 | POP3S | Post Office Protocol 3 over TLS/SSL |
1900 | SSDP | Simple Service Discovery Protocol |
5222 | XMPP | Extensible Messaging and Presence Protocol |
5353 | mDNS | Multicast DNS |
Keyboard shortcuts
See details
Some keyboard shortcuts are available to improve the efficiency of use and the overall user experience.
If you want to suggest a different key combination for one of the existing shortcuts or if you want to propose a new shortcut, give a look at this issue.
The currently usable hotkeys are reported in the following.
Note
On macOS, use the
cmd
key instead ofctrl
Event | Shortcut keys |
---|---|
Quit the application | ctrl+Q |
Open full report | ctrl+O |
Open settings | ctrl+, |
Clear all notifications | ctrl+D |
Interrupt the ongoing analysis | ctrl+backspace |
Start the analysis and confirm modal actions | enter |
Close settings and modal popups | esc |
Switch from a tab to the next (or previous) one | tab (or shift+tab ) |
Change inspect connections page to the next (or previous) one | ctrl+rightArrow (or ctrl+leftArrow ) |
Troubleshooting
See details
Missing dependencies
Most of the errors that can occur are likely due to your system missing required pcap
dependencies,
necessary to correctly analyze a network adapter.
Check the required dependencies section for instructions on how to proceed.
Note that most Linux system also need this dependency (required to build the library used to play sounds):
sudo apt-get install libasound2-dev
Some Linux systems also need libfontconfig
, see issue #18 for a reference.
Note
View issues labeled with
missing-dependencies
to see how those problems have been solved by others.
Installers incompatibilities
If you have problems after having installed Sniffnet through the provided installers,
it could be due to your OS not being compatible with the pre-built binaries I generated for you.
Reach me out, and I'll try to generate an installer for your specific operating system.
Warning
The DEB package for Linux is built on the latest version of Ubuntu and in some cases may not be compatible with Debian.
See issue #199 for a reference.
Rendering problems
In some cases, especially if you are running on an old architecture, the wgpu
default renderer used by iced
may cause some problems that could prevent you from running Sniffnet.
In this case, you can try building the application from the glow-renderer
branch, which uses the glow
renderer.
Note
View issues labeled with
renderer
to see how those problems have been solved by others.
open an issue, and I will do my best to help you!
In any case don't hesitate toAcknowledgements
-
A big shout-out to all the contributors of Sniffnet!
-
The graphical user interface has been realized with iced, a cross-platform GUI library for Rust focused on simplicity and type-safety
- Last but not least, thanks to every single stargazer: all forms of support made it possible to keep improving Sniffnet!