If you have worked in IT as a network administrator for any extended period of time, you know one almost universal truth: when something is not working, the first people to be consulted are the network team. As much as we hate to admit it, we understand why.
The network, as the backbone of every organization, is always the transport layer. To survive in a modern IT organization, network administrators need a large and robust set of tools at their disposal.
One of the most important tools in the administrator's arsenal is the packet sniffer.
A packet sniffer is software that observes the flow of data across the network and intercepts, logs, and analyzes network packets.
The information obtained from a packet sniffer is invaluable for troubleshooting network problems and for understanding how data traverses the network.
With a packet sniffer, the next time someone asks whether something is wrong with the network, you can determine the application response time and say with confidence that there is nothing wrong with the network.
Packet sniffers come in different shapes and sizes, and fortunately some of the best tools are completely free.
Here are the best packet sniffers of 2020:
Some tools are better than others and they have different feature sets, but the following are the top 5 choices for packet sniffers:
Do you have a preference for any of these tools, or for another one? Mention its name and the reason.
1. Solarwinds Bandwidth Analyzer 2-Pack
Solarwinds Bandwidth Analyzer tool is actually a two-for-one: you get their Network Performance Monitor that handles fault, availability, and performance monitoring for networks of all sizes, as well as their Netflow Traffic Analyzer that uses flow technology for analysis of network bandwidth performance and traffic patterns. Both apps are bundled together in the 2-pack.
Network Performance Monitor monitors and displays response time, availability, and performance of network devices, and detects, diagnoses, and resolves performance issues with out-of-the-box dashboards, alerts, and reports.
It also graphically displays network performance statistics in real time via dynamic, drill-able network maps.
The included Netflow Analyzer identifies users, applications, and protocols that are consuming bandwidth down to the interface level, highlights IP addresses of top talkers, and stores and displays flow data with one-minute granularity. It also analyzes Cisco® NetFlow™, Juniper® J-Flow, IPFIX, sFlow®, Huawei NetStream™ and other flow data.
Official Site:
https://www.solarwinds.com/network-bandwidth-analyzer-pack/
Download:
The 2-Pack Download is available here
2. Wireshark
Wireshark, previously known as Ethereal, is a powerful and robust open-source packet sniffer. Wireshark is the most popular packet sniffer around – paid or free.
It is so popular, in fact, that outside of network administrators many people say “can we get a Wireshark?” when they are asking you to run a packet capture. Wireshark is both an interactive packet sniffing tool and an analysis tool.
The fact that Wireshark can run on Windows, Linux and Mac is just a small reason for its popularity. It includes an attractive graphical user interface, making it easy to capture and view data.
Some of its most robust features include detailed filters to see only the packets you are concerned about, the ability to view packets at whatever level of detail you want, and the ability to easily decode and view hundreds of protocols.
Wireshark is one of the best tools for creating and viewing information about packets going across your network.
Official Site:
https://www.wireshark.org/
Download:
https://www.wireshark.org/download.html
3. tcpdump
In the time before Ethereal, and arguably still today, tcpdump has been the de facto standard for packet sniffing.
It does not have the pretty user interface of Wireshark, and it does not have built-in logic to decode application flows, but it remains a standard for many network administrators. It has been the tried and true standard for network packet sniffing since the late 80s.
It can capture and record packets with very little system overhead, making it a favorite for many people.
Tcpdump was originally designed for UNIX systems and is often installed by default. Since its creation, it has been ported to Windows as WinDump.
Official Site:
http://www.tcpdump.org/
Download:
http://www.tcpdump.org/index.html#latest-releases
4. Kismet
In the past decade, wireless networks have become an extremely important part of most business networks.
We now use wireless networks for laptops, mobile phones, and tablets. As these devices have risen in importance in the office, so has the wireless network.
Packet sniffing on a wireless network has some unique challenges with supported adapters, and that is where Kismet shines. Kismet is designed for wireless packet sniffing and supports any wireless network adapter that supports raw monitoring mode.
In addition to 802.11 monitoring, it has plugin support for decoding non-wireless packets.
Official Site:
https://www.kismetwireless.net/
Download:
https://www.kismetwireless.net/downloads/
5. EtherApe
Like Wireshark, EtherApe is a free and open source piece of software designed to examine network packets.
Rather than displaying lots of information in text format, EtherApe aims to represent the captured packets visually as a series of connections and data flows.
EtherApe supports viewing network packets in real time, but can also examine existing packet captures in standard formats.
This gives the administrator another valuable tool in troubleshooting network problems.
Official Site:
http://etherape.sourceforge.net/
Download:
https://sourceforge.net/projects/etherape/files/
Source: https://www.networkmanagementsoftware.com/top-5-packet-sniffers/