
Archive for November, 2009

How to check the traffic of a specific department

November 19th, 2009, Willis Huang

I work for a small company as a network administrator. There’s no doubt I’m the person who is responsible for the security of the network. Complicated network problems aside, I’m sure many network admins have the same headache as me: when network problems occur and the internet does not work as usual, we are absolutely the first to be blamed. We must find the source of the problem as soon as possible. This is why we need a network sniffer to monitor our network. With a limited budget, I searched the internet and finally found Colasoft Capsa. I downloaded a free trial to see if it really works as described.

Now I have been using it for more than two weeks, and I have found it quite easy to use. The functions of Capsa are not what I’m going to talk about in this article, because that might take a day :) Here I’m going to share with you a small but quite useful setting: adding a physical group in the network.

First, we open Settings, click Network, and click Add:

[Image: Untitled-1]

Then write down the group name and the IP ranges of this group:

[Image: Untitled-2]

Well, it’s done; we can see it in the Explorer:

[Image: Untitled-3]

In conclusion, with this setting, it’s very convenient to see the traffic of any specific group or department in our company. If you want to do that, just follow the above steps. Hope you enjoy this article!
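The same grouping can be applied to exported traffic records outside the tool. This is an added example, not part of the original post or of Capsa; the group names, IP ranges and `(src_ip, dst_ip, bytes)` record layout are hypothetical, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Hypothetical groups: name -> list of (first IP, last IP) ranges.
GROUPS = {
    "Sales": [("192.168.1.10", "192.168.1.59")],
    "Engineering": [("192.168.1.60", "192.168.1.199"),
                    ("192.168.2.1", "192.168.2.254")],
}

def build_index(groups):
    """Expand each first-last range into CIDR networks for membership tests."""
    index = []
    for name, ranges in groups.items():
        for first, last in ranges:
            nets = ipaddress.summarize_address_range(
                ipaddress.ip_address(first), ipaddress.ip_address(last))
            index.extend((net, name) for net in nets)
    return index

def group_of(ip, index):
    """Name of the group containing ip, or None for hosts outside every group."""
    addr = ipaddress.ip_address(ip)
    return next((name for net, name in index if addr in net), None)

def traffic_by_group(records, index):
    """records: (src_ip, dst_ip, bytes) -> {group: {"sent": n, "received": n}}."""
    totals = defaultdict(lambda: {"sent": 0, "received": 0})
    for src, dst, nbytes in records:
        for ip, direction in ((src, "sent"), (dst, "received")):
            group = group_of(ip, index)
            if group:
                totals[group][direction] += nbytes
    return dict(totals)

# Constructed sample records, not taken from the post.
RECORDS = [
    ("192.168.1.12", "203.0.113.5", 1200),    # Sales host uploads
    ("203.0.113.5", "192.168.1.12", 48000),   # Sales host downloads
    ("192.168.1.61", "192.168.1.12", 300),    # Engineering -> Sales
    ("192.168.2.40", "198.51.100.7", 900),    # Engineering, second range
    ("192.168.1.5", "198.51.100.7", 700),     # local host in no group
]

if __name__ == "__main__":
    print(traffic_by_group(RECORDS, build_index(GROUPS)))
```

Hosts that fall outside every range, such as 192.168.1.5 in the sample, are left out of the totals, so a gap in the ranges shows up as missing traffic rather than being counted under the wrong department.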

Capsa Story

November 19th, 2009, Willis Huang

This is my short story of how a rookie uses Capsa Network Analyzer to solve an easy network problem.

To be honest, I don’t know too much about network management or network analysis. My friends and I, 5 of us, have an SEO studio and we are trying a little online business. We were pretty busy at that time because our business had made some progress. Days ago, however, our wired network became intolerably laggy, which we couldn’t stand because all our business depends on the Internet.

The first action we took was to check the antivirus software. We had McAfee antivirus installed on all our computers and updated. But no virus was caught after a full scan of all our computers. Now we took it seriously: we checked all the ports and the router we used to connect all our computers, and tried everything we could find on Google. Nothing helped. Time is money; we had to get that smooth internet connection back for our business. Regretfully, we didn’t have a computer geek friend around. Also, it’s not our style to pay a penny to hire someone to fix this. We were on our own.

Good news came from Erik, one of us in the studio: he found out there was a program, Wireshark, that would fix our network. We were all disappointed again when we ran it. None of us knew where to start checking, and we couldn’t understand it.

After his hard searching, we found the Capsa Network Analyzer demo version and couldn’t wait to give it a try. First we noticed that there were lots of “ARP Too Many Unrequested Response” entries in its Diagnosis. We immediately understood from its explanation that the computers at the two IP addresses were the cause. We took the two computers off the router and we had our network back. As for the two computers, we only had to reinstall their OS. We were so pleased that we had our business back.

Thanks Capsa Network Analyzer.
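An added example, not part of the original post and not Capsa’s own logic: one way to count ARP replies that no request asked for, which is what the “ARP Too Many Unrequested Response” diagnosis name describes. The event tuple layout, the 2-second window and the threshold of 3 are assumptions, and the sample events are constructed.

```python
from collections import Counter

ARP_REQUEST, ARP_REPLY = 1, 2   # ARP opcode values (RFC 826)

def unrequested_replies(events, window=2.0):
    """events: time-ordered (ts, opcode, sender_mac, sender_ip, target_ip).
    Returns Counter of (sender_mac, sender_ip) -> replies nobody asked for."""
    pending = {}             # (requester_ip, wanted_ip) -> time of last request
    unrequested = Counter()
    for ts, op, smac, sip, tip in events:
        if op == ARP_REQUEST:
            pending[(sip, tip)] = ts
        elif op == ARP_REPLY:
            asked = pending.get((tip, sip))   # did `tip` ask who has `sip`?
            if asked is None or ts - asked > window:
                unrequested[(smac, sip)] += 1
            else:
                del pending[(tip, sip)]       # one request covers one reply
    return unrequested

def suspects(events, threshold=3, window=2.0):
    """Senders with at least `threshold` unrequested replies (assumed cut-off)."""
    counts = unrequested_replies(events, window)
    return sorted(key for key, n in counts.items() if n >= threshold)

# Constructed ARP events, not taken from the post.
EVENTS = [
    (0.0, ARP_REQUEST, "aa:aa:aa:00:00:10", "192.168.1.10", "192.168.1.1"),
    (0.1, ARP_REPLY,   "aa:aa:aa:00:00:01", "192.168.1.1",  "192.168.1.10"),  # answers the request
    (1.0, ARP_REPLY,   "aa:aa:aa:00:00:23", "192.168.1.23", "192.168.1.10"),
    (1.2, ARP_REPLY,   "aa:aa:aa:00:00:23", "192.168.1.23", "192.168.1.11"),
    (1.4, ARP_REPLY,   "aa:aa:aa:00:00:23", "192.168.1.23", "192.168.1.12"),
    (1.5, ARP_REPLY,   "aa:aa:aa:00:00:31", "192.168.1.31", "192.168.1.10"),
    (1.6, ARP_REPLY,   "aa:aa:aa:00:00:31", "192.168.1.31", "192.168.1.11"),
    (1.7, ARP_REPLY,   "aa:aa:aa:00:00:31", "192.168.1.31", "192.168.1.12"),
    (5.0, ARP_REPLY,   "aa:aa:aa:00:00:01", "192.168.1.1",  "192.168.1.10"),  # lone repeat, under threshold
]

if __name__ == "__main__":
    for mac, ip in suspects(EVENTS):
        print(f"{ip} ({mac}) sent repeated unrequested ARP replies")
```

A single stray reply, like the late repeat from 192.168.1.1 in the sample, stays below the threshold; only hosts that keep sending replies without a matching request are reported.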

Node Explorer – The most impressive function in Capsa 6.9

November 19th, 2009, Willis Huang

We run a small company specializing in customer service for a net-game, with fewer than 50 staff working together. As usual, some problems occur from time to time during working hours. The main symptom is that the network speed suddenly slows down sharply, and we can’t confirm the root source of the network congestion. It’s a big waste of time to figure out what and where exactly the problem is, and it has been on my mind for a very long time.

Last week, one of my game friends, found on Linkedin.com, recommended a Chinese network sniffer, Colasoft Capsa, to monitor my network traffic and detect the problem in a very short time. Frankly, I really don’t believe there’s good software made in China, especially in network security. I just tried it with that mentality, only because of my friend.

I downloaded their product and asked for the evaluation license key. Unexpectedly, I got it within 8 hours after I sent the application; I thought it would take at least 2 days due to the time difference. Another thing that surprised me is the ease of use and the perfect UI design. I handled the network malfunction in a short time (it seemed like 5 minutes) with this software. I really appreciate them and am sharing my experience of my case.

First, under “Protocol Explorer”, I found BT in the “Protocols” window, then located it in the Explorer:

[Image: Untitled-1]

Then, in the “Endpoints” window, we can quickly find the local IP address that has the most packets. Obviously, 192.168.1.128 is the prime culprit causing the network congestion:

[Image: Untitled-2]

Additionally, you can find all the protocols and IP/MAC addresses in the Node Explorer, a really convenient explorer. I was not familiar with this software at that time; I believe it won’t take more than 2 minutes if you are familiar with it. For small and medium-sized enterprises like us, Capsa is really a good network monitor, and I made my decision to purchase its single seat license with 1 year maintenance.

How to find out the downloading nodes in your network

November 19th, 2009, Willis Huang

To be honest, I am a little ashamed to share my experience here; however, I wish to learn more from you. Let me introduce myself briefly: my name is Don Smith, the network administrator of a small online business company in Texas.

As a small company, cost is a very sensitive issue for us, especially during the recession. With limited bandwidth, we need to make sure the core business runs steadily, so I need to find illegal download activities in time. We bought Capsa last year after evaluating it and comparing it with other similar network monitoring software.

OK, let’s see how I find illegal downloads in the network.

After the correct deployment of Capsa in our network, let’s run Capsa and start the capture first.

Figure 1. Summary View

As we can see in Figure 1, the utilization is normal.

Now I will start a download, and check it again. See Figure 2:

[Image: Summary View 2]

We can see in the packet size distribution that a lot of packets are listed in the 1024-1517 range.

Then we need to check how these packets were generated.

Now, we will go to the protocol view to check whether there is any protocol for download.

[Image: Protocol View]

We can see that there is HTTP download traffic in our network. Then we need to locate the computer that is downloading and deal with it.

[Image: Locate the Explore Node]

Right-click on the protocol, as Figure 4 shows, and we can see the option: Locate Explore Node.

Then we can check the endpoints view for more details.

[Image: Endpoints View]

It is apparent that the node 192.168.6.8 is downloading: the bytes out is only 1.04MB, but the bytes in is 10.153MB.

Now we have found the computer that is downloading the files, so we can deal with it.

As far as I know, this function is just the tip of the iceberg. Capsa can do a lot of things like this.

Let’s share it.
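The three checks in this post (packet size distribution, protocol, then bytes in versus bytes out per endpoint) can also be run over exported packet records. This is an added example, not part of the original post or of Capsa; the record layout, the local subnet, the `min_in` and `ratio` thresholds and every bucket other than 1024-1517 are assumptions, and the sample capture is constructed.

```python
import ipaddress
from collections import defaultdict

LOCAL_NET = ipaddress.ip_network("192.168.6.0/24")  # assumed local subnet
# Size buckets in bytes; only 1024-1517 is named in the post, the rest are assumed.
BUCKETS = [(0, 64), (65, 127), (128, 255), (256, 511), (512, 1023), (1024, 1517)]

def size_distribution(packets):
    """Packets per size bucket (what the packet size distribution shows)."""
    dist = {b: 0 for b in BUCKETS}
    for _src, _dst, _proto, length in packets:
        for lo, hi in BUCKETS:
            if lo <= length <= hi:
                dist[(lo, hi)] += 1
                break
    return dist

def endpoint_totals(packets, proto):
    """Bytes in/out per local node for one protocol."""
    totals = defaultdict(lambda: {"in": 0, "out": 0})
    for src, dst, p, length in packets:
        if p != proto:
            continue
        if ipaddress.ip_address(src) in LOCAL_NET:
            totals[src]["out"] += length
        if ipaddress.ip_address(dst) in LOCAL_NET:
            totals[dst]["in"] += length
    return totals

def downloading_nodes(packets, proto="HTTP", min_in=100_000, ratio=5.0):
    """Local nodes that received >= min_in bytes and >= ratio times what they sent."""
    hits = [(node, t["in"], t["out"])
            for node, t in endpoint_totals(packets, proto).items()
            if t["in"] >= min_in and t["in"] >= ratio * max(t["out"], 1)]
    return sorted(hits, key=lambda h: h[1], reverse=True)

def sample_packets():
    """Constructed capture: (src, dst, protocol, length in bytes)."""
    pkts = []
    for _ in range(200):  # 192.168.6.8 pulls a file: big packets in, small ACKs out
        pkts.append(("203.0.113.20", "192.168.6.8", "HTTP", 1514))
        pkts.append(("192.168.6.8", "203.0.113.20", "HTTP", 60))
    for _ in range(20):   # 192.168.6.15 browses lightly
        pkts.append(("192.168.6.15", "203.0.113.30", "HTTP", 400))
        pkts.append(("203.0.113.30", "192.168.6.15", "HTTP", 900))
    return pkts

if __name__ == "__main__":
    print(size_distribution(sample_packets()), downloading_nodes(sample_packets()))
```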