Application to comfortably monitor your network traffic
Multithreaded, cross-platform, reliable
Application translated in: 🇬🇧 - 🇮🇹
More languages will be supported in the upcoming releases
You can install Sniffnet in one of the following ways:
from Crates.io 
Follow this method only if you have Rust installed on your machine.
In this case, the application binary can be installed with:
cargo install sniffnetfrom GitHub releases 
You can install Sniffnet through the installers available in the latest release.
Choose from a Windows installer, a macOS disk image, or a DEB package (depending on your operating system).
Here for your convenience you can find the direct link to the downloads:
- Windows (7.3 MB)
- macOS (6.5 MB)
- Linux .deb (5.2 MB)
from Homebrew 
You can install Sniffnet's Homebrew package with:
brew install sniffnetDepending on your operating system, you may need to install some dependencies to run Sniffnet:
Windows dependencies 
In order to correctly run Sniffnet on Windows systems you need to:
Linux dependencies 
In order to correctly run Sniffnet on Linux systems, install the libraries and header files for the libpcap library:
sudo apt-get install libpcap-devNote that if you are not running as root, you need to set capabilities to inspect a network adapter:
sudo setcap cap_net_raw,cap_net_admin=eip <your/Sniffnet/executable/path>Most Linux system also need this dependency (required to build the library used to play sounds):
sudo apt-get install libasound2-devDepending on your Linux environment you may also need libfontconfig:
sudo apt-get install libfontconfig libfontconfig1-devMacOS dependencies 
MacOS natively has all the dependencies you need to build and run Sniffnet!
- 💻 choose a network adapter of your PC to inspect
- 🏷️ select a set of filters to apply to the observed traffic
- 📖 view overall statistics about your Internet traffic
- 📈 view real-time charts about traffic intensity (bytes and packets per second, incoming and outgoing)
- 🔉 set custom notifications to inform you when defined network events occur (data rate exceeded a specified threshold, or new data have been exchanged from your favorite connections)
- ⭐ view most relevant connections in real time (most recent, most packets, most bytes, favorites)
- 🌍 get information about the country of the remote network addresses (IP Geolocation)
- 🎨 choose the style that fits you the most from 4 different available themes
- 📁 save complete textual report with detailed information for each connection:
- source and destination IP addresses
- source and destination ports
- carried protocols
- amount of exchanged packets and bytes
- initial and final timestamp of information exchange
- ... and more!
See details
Geolocation refers to the remote IP address of the connection, and it's performed against a MMDB file:
The MMDB (MaxMind database) format has been developed especially for IP lookup. It is optimized to perform lookups on data indexed by IP network ranges quickly and efficiently. If you want the best performance on your IP lookups for use in a production environment, you should use the MMDB format files.
This format potentially allows Sniffnet to execute different hundreds of IP lookups in a matter of a few milliseconds.
Sometimes it is not possible to determine the location of an IP address; this is most likely due to the address being a private IP address.
See details
Please, note that application layer protocols are just inferred from the transport port numbers.
| Port number(s) | Application protocol | Description |
|---|---|---|
| 20, 21 | FTP | File Transfer Protocol |
| 22 | SSH | Secure Shell |
| 23 | Telnet | Telnet |
| 25 | SMTP | Simple Mail Transfer Protocol |
| 49 | TACACS | Terminal Access Controller Access-Control System |
| 53 | DNS | Domain Name System |
| 67, 68 | DHCP | Dynamic Host Configuration Protocol |
| 69 | TFTP | Trivial File Transfer Protocol |
| 80, 8080 | HTTP | Hypertext Transfer Protocol |
| 109, 110 | POP | Post Office Protocol |
| 123 | NTP | Network Time Protocol |
| 137, 138, 139 | NetBIOS | NetBIOS |
| 143, 220 | IMAP | Internet Message Access Protocol |
| 161, 162, 199 | SNMP | Simple Network Management Protocol |
| 179 | BGP | Border Gateway Protocol |
| 389 | LDAP | Lightweight Directory Access Protocol |
| 443 | HTTPS | Hypertext Transfer Protocol over SSL/TLS |
| 636 | LDAPS | Lightweight Directory Access Protocol over TLS/SSL |
| 989, 990 | FTPS | File Transfer Protocol over TLS/SSL |
| 993 | IMAPS | Internet Message Access Protocol over TLS/SSL |
| 995 | POP3S | Post Office Protocol 3 over TLS/SSL |
| 1900 | SSDP | Simple Service Discovery Protocol |
| 5222 | XMPP | Extensible Messaging and Presence Protocol |
| 5353 | mDNS | Multicast DNS |
See details
Most of the errors that can occur are likely due to your system missing required pcap dependencies,
necessary to correctly analyze a network adapter.
Check the required dependencies section for instructions on how to proceed.
For a Windows reference, you can check issue #1.
Note that most Linux system also need this dependency (required to build the library used to play sounds):
sudo apt-get install libasound2-devSome Linux systems also need libfontconfig, see issue #18 for a reference.
If you have problems after having installed Sniffnet through the provided installers,
it could be due to your OS not being compatible with the pre-built binaries I generated for you.
Reach me out, and I'll try to generate an installer for your specific operating system.
In any case don't hesitate to open an issue, and I will do my best to help you!
Do you want to improve Sniffnet? Check here
Sniffnet is also open to design contributions: