Simplified network packet analyzer for distributed packet snooper
Abstract
A method, system, apparatus, and computer program product are presented for a dynamically locatable packet analyzer, spread across a distributed network of endpoints, for determining packet-generating applications. In particular, the analyzer determines which ports are being used by which applications in order to verify that only intended packets are being sent and received by endpoints. The analyzer also provides novice packet snooping by not requiring administrators to configure operating-system-specific, packet-specific or port-specific information. The analyzer also provides snooping per application type (i.e. security, discovery, etc.) on endpoints, rather than by packet type or port only.
22 Claims
1. A method for analyzing network packets, the method comprising:
- receiving snoop configuration information;
- configuring a target endpoint and a source endpoint;
- initialize a snooper on at least one client; and
- snooping, by the at least one client, data packets transmitted through the target endpoint originating from the source endpoint and transmitted through the target endpoint destined for the source endpoint.
8. A computer program product in a computer readable media for use in a data processing system for analyzing network packets, the computer program product comprising:
- first instructions for receiving snoop configuration information;
- second instructions for configuring a target endpoint and a source endpoint;
- third instructions for initialize a snooper on at least one client; and
- fourth instructions for snooping, by the at least one client, data packets transmitted through the target endpoint originating from the source endpoint and transmitted through the target endpoint destined for the source endpoint.
15. A system for analyzing network packets, the system comprising:
- first means for receiving snoop configuration information;
- second means for configuring a target endpoint and a source endpoint;
- third means for initialize a snooper on at least one client; and
- fourth means for snooping, by the at least one client, data packets transmitted through the target endpoint originating from the source endpoint and transmitted through the target endpoint destined for the source endpoint.
22. A system for network packet analyzing, comprising:
- at least one remote snooper client;
- a snooper manager server controlling execution of the at least one remote snooper client, the snooper manager server comprising a snooper logging database;
- a java virtual machine component of a snooper in the at least one remote snooper client; and
- a native operating system component of the snooper in the at least one remote snooper client;
- wherein the snooper is configurable by the snooper manager to snoop only certain types of data packets.