網絡取證分析工具 NetworkMiner 1.1 發布

NetworkMiner是一款windows平臺下開放源代碼的網絡取證分析工具，同時也是一款比較好的協議分析工具，它通過數據包嗅探或解析PCAP 文件能夠檢測操作系統，主機名和網絡主機開放的端口。NetworkMiner還能夠從網絡通信中提取文件。

目前  NetworkMiner更新至1.1版，新版主要改變如下：

    * Extraction of parameters sent to Google Analytics into NetworkMiner’s “Host Details”. These parameters include: screen resolution, color depth, browser language and flash version.
    * You can drag-and-drop one or multiple pcap files onto NetworkMiner.exe to have it start up and begin loading the dropped pcap files. You can also submit your pcap files as arguments from the command line.
    * Multiple SMB/CIFS and NetBIOS improvements, such as support for multiple simultaneous SMB file transfers over the same TCP session as well as support for NetBIOS Session Service keep-alive messages.
    * Added support for Point-to-Point Protocol (PPP) frames in pcap files.
    * Improved stability when loading pcap files. Thanks to psteier for identifying this bug.

項目地址：http://www.netresec.com/?page=NetworkMiner
工具下載：http://sourceforge.net/projects/networkminer/files/networkminer/