NetworkMiner has been released! The new features in NetworkMiner 1.4 include:
- Better handling of fragmented IPv4 packets.
- Verification of ".pcap" file extension is completely removed. Files with any extension can now be loaded, provided they are valid libpcap files.
- DHCP options are extracted and presented on the parameters tab.
- Parser for the IEC 60870-5-104 protocol. This feature will be covered in more detail in a separate blog post soon.
A long awaited "Clear GUI" menu entry has been added to the "Tools" menu.
This feature will be welcomed by users who previously restarted NetworkMiner in order to clear the GUI.
NetworkMiner 1.4 with Clear GUI menu item
The Credentials tab has now gotten a check box that allows the user to show/hide captured HTTP cookies. This provides for a much cleaner view of captured usernames and passwords.
The professional version of NetworkMiner additionally includes a functionality that allows the user to specify customized port-to-protocol mappings. This feature will typically not provide much value for protocols using TCP, since the protocol identification feature in NetworkMiner Professional will identify the application layer protocol automatically. NetworkMiner does, however, not automatically recognize protocols running on top of UDP; this is where the manual port-to-protocol feature can come in handy.
Settings window in NetworkMiner Professional
Download NetworkMiner 1.4
The most recent release of the free (open source) version of NetworkMiner can be downloaded from SourceForge. Paying customers can download an update for NetworkMiner Professional from our customer portal.
Posted by Erik Hjelmvik on Thursday, 16 August 2012 20:17:00 (UTC/GMT)