Archive

Author Archive

Colasoft Announces Release of nChronos Network Performance Analysis System v5.6

August 9th, 2019 No comments

Chengdu, China, August 8, 2019-Colasoft Co., Ltd,a visionary provider of network performance analysis and diagnostics solutions, today announced the launch of nChronos Network Performance Analysis Solution v5.6. nChronos designed for 24×7 network packets capturing, analysis and storage, dedicated to the sustainable, efficient and safe running of networks, and provides a reliable data basis for determining constructive suggestions for enterprise profit growth.

Customer requirements for usability of nChronos drove the demand for the new version. With nChronos v5.6, users can fast drill down and locate the data which they want to check, and analyze traffic in an individual window. The new version also provide sublink configuration with 7 types, and add new burst alarm type to improve the usability.

“Nowadays, the network not only supports the business, but also driving the business. Network administrators need to see, manage and act on the network,” said Kang Lin, CEO of Colasoft. “Obviously, they need a visible, fast, and easy to use NPMD solution. That is what nChronos delivering for enterprise customers.”

The latest release of nChronos features:

  • Add custom analysis in new window.
  • Physical address supports virtual interface configuration.
  • Custom application analysis and application alarm for Netflow traffic.
  • Add sublinks for VLAN, VXLAN, MPLS VPN, ISL VLAN and network segment.
  • Add burst alarm type.
  • Traffic alarms support setting metric key value.
  • Add new metrics, including bps 95p peak, client IP quantity, slow connections and 0 window delay.
  • Add 1-minute baseline for links and applications on two metrics, total conversations and new conversations.

An evaluation version of nChronos v5.6 is available for download at http://www.colasoft.com/download/products/nchronos.php

Colasoft Announces Release of Capsa Network Analyzer v12.0 with New Analysis Profile

July 30th, 2019 No comments

Chengdu, China, July 23, 2019-Colasoft Co., Ltd, an innovative provider of network performance analysis and diagnostics solutions, today announced the release of Capsa Network Analyzer v12.0, a real-time portable network analyzer for wired and wireless network monitoring, bandwidth analysis and network troubleshooting.

The highlight of Capsa 12.0 is to add a new analysis profile, Full Traffic Decoding, which is used for displaying the decoding field of a certain protocol. With the new analysis profile, users can get the correlative decoding field value, conversation statistics and packets information. It is convenient for users to view the protocol decoding field and related statistics.

And in the new version, Capsa 12.0 users the DPI filter to filter out network packets. Users can customize filter conditions now. Technically, all the protocol decoding fields can be set as the filter condition. Capsa also provides some default filter rules based on protocols in Packet Analysis Filters Settings and Packet Storage Filters Settings.

Besides, Capsa provides a new function to show window size and RTT value for each TCP conversation. It is convenient for users to locate performance issues based on TCP conversations.

“With the release of Capsa 12.0, Colasoft enhanced the function of packet filter. Users can define filter conditions in the analysis profile before starting a capture. Such improvements show that we are always user-oriented.” said Eddie Gao, CIO at Colasoft, “We are working to provide Capsa which has very friendly interface, high reliability and good application effect.”

Capsa v12.0 is compatible with Windows 7/8/10 and Windows Server 2008/2012. A trial is available for download at http://www.colasoft.com/download/products/download_capsa.php

Great offers on now!

November 7th, 2016 No comments

We are pleased to announce that a Special Offer in November starts now.

This Special sale will last until November 30th, please find more information at: www.colasoft.com/discount/201611/

Categories: News & Events Tags:

Colasoft Announces Release of nChronos v5.2

October 19th, 2016 Comments off

October 19, 2016 – Colasoft, an innovative provider of powerful and affordable network analysis and application performance analysis solutions, today announced the release of its flagship product Colasoft nChronos Network Performance Analysis Solution v5.2. nChronos v5.2 comes with new types of alarms and adds TCP transaction analysis.

nChronos v5.2 provides a baseline analysis feature. Choose a baseline type, and then the baseline will be generated and displayed automatically. Furthermore, users can configure baseline alarms by setting a deviation threshold from the baseline. Also provided are whitelist and blacklist alarms, which allow users to customize whitelist and blacklist. Baseline analysis, together with blacklist and white alarms, makes it easy for network administrators to find out abnormal network traffic and abnormal net

Colasoft Announces Release of UPM v5.1

August 23rd, 2016 Comments off

August 23, 2016– Colasoft, a leading provider of innovative and affordable network analysis solutions, announces the release of a new version of Colasoft UPM today. With the release of Colasoft UPM V5.1, just by a glance, users can know network running status, business running status and whether there are alarms triggered. In addition to business monitor and analysis, UPM 5.1 provides direct traffic monitor and analysis, and automatic network performance analysis. Besides new features, this release brings a lot of improvements, which will help users a lot on both network performance analysis and application performance analysis.

This new version of Colasoft UPM comes with a New Home Page, which could display the overall monitor status in real-time.Also, UPM Center provides a Probe Traffic Monitor page to display traffic trend charts for each probe. And a Probe Traffic Analysis page is add

Categories: News & Events, Uncategorized Tags:

Colasoft Announces Release of Capsa Network Analyzer v9.0

June 24th, 2016 Comments off

June 21, 2016 – Colasoft LLC, a leading provider of innovative and affordable network analysis solutions, today announced the availability of Colasoft Capsa Network Analyzer v9.0, a real-time portable network analyzer for wired and wireless network monitoring, bandwidth analysis, and intrusion detection. Together with the new release of Capsa, Colasoft MAC Scanner, Ping Tool, Packet Player and Packet Builder are all enhanced and released to the public.

Network traffic could be analyzed based on local processes in Capsa v9.0. The new release provides a Process View and a Process Explorer, with which users could easily find the network conversations for a local process, listing process name, process ID and bytes. By only a few clicks, packets data for process name and process ID will be listed immediately.

Following are the major improvements:

bps calculation is optimized so that the bps of the root node is the sum of those of sub-nodes.
The number of nodes displayed on the Node Explorer is not limited anymore.
View display is optimized so that the views display smoothly upon switching on different views when there is large volume of data on the view.
Conversation data display is optimized and the Data Flow tab displays data more quickly.
IP address geographical information library is updated for Colasoft Ping Tool.
User interface display is optimized for Colasoft Ping Tool.
MAC address manufacturer information is updated for Colasoft MAC Scanner.

“The process analysis feature provides a Process view showing network traffic for local processes, and related protocols, TCP conversations and UDP conversations.” said Eddie Gao, CTO at Colasoft, “This feature will help IT people a lot on network troubleshooting, especially on finding Trojan virus.”

A free trial of Capsa network analyzer v9.0 is available for download at http://www.colasoft.com/download/products/download_capsa.php

Colasoft MAC Scanner, Ping Tool, Packet Player and Packet Builder are available for download at http://www.colasoft.com/products/freeware.php

Categories: News & Events Tags:

Free Mac Scanner Software: Colasoft Mac Scanner Reviewed By ilovefreesoftware

May 17th, 2016 No comments

Below is the Colasoft Mac Scanner review from ilovefreesoftware.com

Colasoft MAC Scanner is a free network scanner software for Windows. It can scan all the ports of your local network for connected devices. It can provides you the details such as: IP Address, MAC Address, Host Name, Workgroup, and Manufacturer.

It provides the details in tabular format, and you can easily export the data to txt or csv format. The program is helpful for Network Administrators to maintain a list of Network assets. You can easily check who is using your network.

How to Scan Network for Connected Devices using Colasoft MAC Scanner:

It is very easy to use this tool to scan the entire network, and find details of all the connected devices.

You can click Start button on the main toolbar or press F5 key from your keyboard to start the scanning process. You can run it from Start Menu Run command also by typing “csmac” and pressing Enter key. It automatically detects all the Local Subnet list or you can click Refresh from the Local Subnet dropdown. It takes just a few seconds to scan the entire network, and keeps showing details of the devices while scanning.

Once the scanning is complete, you can export the list of connected devices. You can export the list in  .TXT, or .CSV  format, and also in its native .CSCNTAB (Colasoft Name Table File).

The size of the program is just 6.79 MB and it can works with almost every Windows version.

If you want to export only some records for later reference; you can do this too by selecting the records you want and click the Export Selected button on the main toolbar or use context menu command to do so.

 

More commands like Copy, Delete, Find are also there in the Default toolbar and in the Edit menu. Also if the scanning process is taking much time, you can then Pause or Stop the process any time by pressing the desired button.

Another interesting feature of this software is that it also lets you specify number of threads that can be used for scanning. You can choose between 1 to 100 threads. More the number of threads, faster will be the scanning performance.

Limitations of this software:

Despite being good at what it does, this software comes with its limitations and drawbacks as well. First of all, the documentation of this software talks about some features, which are actually not available in the free version. Secondly, I tested this software multiple times, but it never gave me the “Manufacturer” information.

Get Colasoft Mac Scanner.

Free MAC Scanner Software: Colasoft MAC Scanner reviewed by Arun Kumar on April 15, 2016 rated 4.0 of 5

Categories: Reviews Tags:

Colasoft Announces Release of nChronos Network Performance Analysis Solution v5.1

April 27th, 2016 Comments off

April 26, 2016 – Colasoft (www.colasoft.com), an innovative provider of powerful and affordable network analysis solutions, today announced the release of its flagship product Colasoft nChronos Network  Performance Analysis Solution v5.1. With the packets of user-defined applications can be stored with truncated length now, the storage and retrieval performance are greatly improved. In addition, HTTP packets reconstruction and packets replay link are now available in nChronos 5.1, allowing network managers to easily monitor network activities and replay packets for abnormality diagnosis.

People have attached more and more importance to the security of the web information. While as the central protocol of web’s application layer, HTTP forms the founda

Categories: News & Events Tags:

Detect Brute-Force Attacks With nChronos Network Security Forensic Analysis Tool

March 29th, 2016 No comments

Brute-force attacks are commonly known attack methods by which hackers try to getaccess to restricted accounts and data using an exhaustive list/database of usernamesand passwords. Brute-force attacks can be used, in theory, against almost any encrypted data.

When it comes to user accounts (web based or system based), the first sign of a brute-force attack is when we see multiple attempts to login to an account, therefore allowing us to detect a brute-force attack by analyzing packets that contain such events. We’ll show you how Colasoft’s nChronos can be used to identify brute-force attacks, and obtain valuable information that can help discover the identity of the attacker plus more.

For an attacker to obtain access to a user account on a website via brute force, he is required to use the site’s login page, causing an alarming amount of login attempts from his IP address. nChronos is capable of capturing such events and triggering a transaction alarm, warning system administrators of brute-force attacks and when the triggering condition was met.

CREATING A TRANSACTION ANALYSIS & ALARM IN NCHRONOS

First, we need to create a transaction analysis to specify the pattern/behavior we are interested in monitoring:

From the nChronos main page, first select the server/IP address we want to monitor from the Server Explorer section.

Next, from the Link Properties, go to the Application section and then the Analysis Settings as shown below:

colasoft-nchronos-brute-force-attack-detection-2a

Figure 1. Creating a Transaction Analysis in nChronos (click to enlarge)

Now click the button of New Web Application (second green button at the top) to set a Web Application, input Name and HTTP Hostname, then check the box labeled Enable Transaction Analysis and add a transaction with URL subpath e.g “/login.html”.

Proactively monitor your network 24/7 for attacks, suspicious network traffic and problems – Download nChronos now!

At this point we’ve created the necessary Transaction Analysis. All that’s required now is to create the Transaction Alarm.

To create the alarm, click Transaction Alarms in the left window, input the basic information and choose the parameter of Transaction Statistics in Type, and then set a Triggering Condition as needed, for example, 100 times in 1 minute. This means that the specific alarm will activate as soon as there are 100 or more logins within a minute:

colasoft-nchronos-brute-force-attack-detection-3a

Figure 2. Creating a Transaction Alarm (click to enlarge)

Finally, you can choose Send to email box or Send to SYSLOG to send the alarm notification. Once complete, the transaction alarm fordetecting brute-force attack is set. When the alarm triggering condition is met an email notification is sent.

Note that the specific alarm triggering condition does not examine the amount of logins per IP address, which means the alarm condition will be met regardless if the 100 login attempts/min is from one or more individual IP addresses. This can be manually changed from theTransaction Analysis so that it shows the login attempt times of each individual IP address.

Below is a sample output from an alarm triggered:

colasoft-nchronos-brute-force-attack-detection-3a

Figure 3. nChronos Brute-Force alarm triggered – Overall report (click to enlarge)

And below we see the same alarm with a per-IP address analysis:

colasoft-nchronos-brute-force-attack-detection-4a

Figure 4. nChronos Brute-Force alarm triggered – IP breakdown (click to enlarge)

The article shows how nChronos can be used to successfully detect a Brute-Force attack against any node on a network or evenwebsites, and at the same time alert system administrators or IT managers of the event. If you’re a network administrator, network engineer or IT manager, we strongly suggest you try out Colasoft nChronos today and see how easily you can troubleshoot network problems, proactively obtain alerts on unusual network traffic and monitor your network around the clock.

from: http://www.firewall.cx/general-topics-reviews/colasoft/nchronos-forensic-analysis/1139-nchronos-brute-force-attack-detection.html

 

Colasoft Capsa Network Analyzer v8.3 is Available Now!

March 29th, 2016 No comments

We are very pleased today to announce that a new version of Colasoft Capsa Network Analyzer, a real-time portable network analyzer for wired and wireless network monitoring, bandwidth analysis, and intrusion detection, is now available.

Capsa Network Analyzer v8.3 comes with the following improvements and fixed bugs:

  • The Windows 10 operating system logs off from time to time when starting Capsa.
  • Added name table cannot be auto-saved.
  • Packet files with capitalized extension cannot be replayed.
  • Log View settings in Analysis Profile cannot be auto-saved.
  • For wireless analysis, no packets are shown on the Packet view when a MAC address is selected in the Node Explorer.

A free trial of Capsa network analyzer v8.3 is available for download at:http://www.colasoft.com/download/products/download_capsa.php