Captcp
| Captcp
|
|
|---|---|
|
|
| Basic data
|
|
| developer | The captcp team |
| Current version | 1.9 (March 26, 2015) |
| operating system | Linux , FreeBSD , macOS |
| programming language | python |
| category | Network traffic analysis program |
| License | GPL ( free software ) |
| German speaking | No |
| http://research.protocollabs.com/captcp/ | |
Captcp is a free program for the interactive and automated analysis of TCP packets that were previously recorded with a sniffer such as Tcpdump or Wireshark .
Captcp analyzes pcap files offline and does not offer the possibility of analyzing data streams in real time. The following analysis methods are supported:
- Time sequence analysis
- Throughput and data rate
- TCP in-flight analysis
- TCP socket statistics
- Packet spacing analysis
- Package flow diagram (flow)
Analysis options
Captcp processes TCP packets and data streams and enables a variety of analyzes. The following possibilities arise among others:
- Detection of transmission problems based on TCP or application layer
- Analysis of basic network stack properties of the respective operating system
- Analyze network path characteristics - e.g. filtering ECN packets
- TCP congestion window analyzes
- Temporal correlation of TCP data and ACK packets
- Packet burst scenarios and their effects
A number of other analyzes are also possible. Captcp provides the basis for the analyzes - links and statements are to be made by the user.
Working method
Captcp works interactively on the command line or graphically via Gnuplot , whereby Gnuplot supports a variety of output formats such as PDF , SVG or PNG . The scripting properties make Captcp particularly suitable for automated protocol analyzes. In addition, the program provides the option of expanding the range of functions with your own modules.
Captcp is available as a complete package for various Linux distributions. Captcp has already been used on FreeBSD and macOS .