CITC 2326_Case Project 13-4.docx
School
Volunteer State Community College
Course
2326
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
2
Uploaded by adder1
Mr. Abrantes
CITC 2326
Case Project 13-4: Compare Protocol Analyzers
Wireshark is a free, open-source protocol analyzer, widely considered to be one of the best protocol analyzers on the market. Its primary use is deep inspection of several hundred different protocols, including visualization of the exact data in the packets. It has a very strong filtering system, so you can narrow the focus to a single specific protocol or display a wide range. Additionally, there is a statistics section that can break down the stats for things like resolved addresses, graphs showing packets per second over time, and even the number of HTTP requests. The software is a very robust analyzer, in use in many large corporations' networking groups.
Figure 1 – Wireshark
Microsoft Message Analyzer is a free tool from Microsoft. Like Wireshark, it is used to perform deep packet inspection on network traces. MMA can take additional data sources, such as files, event logs, and SQL connections. The GUI is very customizable, with multiple layouts available and the ability to change the columns listed. It doesn't have the statistics that Wireshark does, but it has considerably more charts available.
Figure 2 - Microsoft Message Analyzer
Colasoft’s Capsa 11 Free is a free download that is a feature-limited version of the Capsa Standard edition. Due to the limitations in the free version, you cannot customize charts or protocols.
On the main capture screen, there is a wealth of information available; however, it seems that many of the fields, graphs, etc. are not overly useful in a standard packet analysis. It seems like Colasoft took the view of putting in as many tools as possible, even if a tool was only of niche use.
Figure 3 - Colasoft Capsa 11 Free
Of the three, it’s fairly obvious why Wireshark enjoys such a large portion of the protocol analysis market. Wireshark has an intuitive interface, provides useful information, and is open source. Microsoft Message Analyzer has the advantage of having Microsoft support available should it be needed, and in an enterprise environment this can be an important feature. Colasoft’s Capsa was the weakest of the entries as the overabundance of information made it less intuitive to find the information needed, and the fact that it is not a full-featured free edition is also a detriment. I would suggest Wireshark for most needs, with Microsoft Message Analyzer picking up the slack in an environment where there is a Microsoft agreement already in place.