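Network protocol sniffer - JunkieTheSniffer
JunkieTheSniffer is a real-time packet sniffer and analyzer whose modular design lets it perform many different tasks. It is well suited to helping network administrators and analysts. Junkie's functionality sits between tcpdump and Wireshark: unlike tcpdump, it can parse protocols of any depth; unlike Wireshark, it does not analyze network traffic as exhaustively. In addition, its design emphasizes extensibility and speed: it has a plug-in system and a high-level extension language that simplify developing and combining new functionality, threaded packet capture and analysis for handling high-bandwidth networks, and a modular architecture that simplifies adding any protocol layer.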
Compared to previously available tools, junkie lies in between tcpdump and wireshark. Unlike tcpdump, its purpose is to parse protocols of any depth; unlike wireshark, though, junkie is designed to analyze traffic in real-time and so cannot parse traffic as completely as wireshark does.
In addition, junkie's design encompasses extendability and speed:
plug-in system + high-level extension language that eases the development and combination of new functionalities;
threaded packet capture and analysis for handling of high bandwidth network;
modular architecture to ease the addition of any protocol layer;
based on libpcap for portability;
well tested in professional settings.
Junkie is still being maintained and extended by SecurActive's dedicated team, but we believe it can be further extended to fulfill many unforeseen purposes.
Latest version: 2.6
This release adds the Delayogram plug-in for visualizing ack delay; a new -f parameter for setting the next capture filter; and support for Eth QinQ(inQ...) and the DHCP protocol. Autodiscovery of IRC, jabber, VNC, CIFS, PCanywhere, citrix, telnet, BGP, IMAP, POP, and NTP
Project home page: https://github.com/securactive/junkie