Download: Kendo (Link to be provided)
Kendo is a powerful network packet capture and protocol analysis tool developed using MFC (Microsoft Foundation Classes) and the WinPcap library. It allows users to capture local network traffic, analyze protocols in real time, and perform offline protocol analysis by reading pcap files.
The system is designed to offer comprehensive functionality for real-time capture and online protocol analysis, as well as offline protocol analysis through stored pcap files. It provides a robust platform for monitoring and scrutinizing data packets on the local network interface, offering various features to enhance the analysis process.
1. Real-time Capture and Online Protocol Analysis:
   - Live Packet Capture: The system captures data packets in real-time from the local network interface, allowing users to monitor ongoing network activities.
   - Online Protocol Analysis: Analyzes the captured data packets on the fly, providing immediate insights into the current network protocols and activities.
2. Pcap File Storage:
   - File Management: The system includes a storage module for pcap files, facilitating the organized storage of captured data for future reference and analysis.
   - Archiving: Users can archive pcap files for historical purposes or compliance requirements.
3. Offline Protocol Analysis:
   - File Reading Capability: The system supports reading stored pcap files, enabling users to conduct protocol analysis on historical network data.
   - Historical Insights: Users can gain insights into past network behavior and diagnose issues retrospectively.
4. Display Filters:
   - Selective Packet Analysis: Offers display filters that allow users to selectively choose data packets based on specified protocols.
   - Customization: Users can define filters to focus on specific protocols, streamlining the analysis process.
5. Common Network Protocol Analysis:
   - Application Layer: DNS, HTTP, DHCP
   - Transport Layer: UDP, TCP
   - Network Layer: IPv4, ICMP
   - Data Link Layer: Ethernet, ARP

ICMP Message Type | ICMP Message Type Value | Support Parsing |
---|---|---|
Destination Unreachable | 3 | ✓ |
Source Suppression | 4 | ✓ |
Redirect | 5 | ✓ |
Timeout | 11 | ✓ |
Echo Request | 8 | ✓ |
Echo Response | 0 | ✓ |

DNS Resource Record Type | Function | Support Resolution |
---|---|---|
A | Query IP Address Based on Domain Name | ✓ |
NS | Specify DNS Server to Resolve Domain Name | ✓ |
CNAME | Query Alias of Domain Name | ✓ |
PTR | Query Domain Name Based on IP Address | ✓ |

DHCP Message Option | DHCP Message Option Code | Support Parsing |
---|---|---|
Fill | 0 | ✓ |
Subnet Mask | 1 | ✓ |
Gateway Address | 3 | ✓ |
DNS Server Address | 6 | ✓ |
Domain Name | 12 | ✓ |
Request IP Address | 50 | ✓ |
IP Address Lease Time | 51 | ✓ |
DHCP Message Type | 53 | ✓ |
DHCP Server ID | 54 | ✓ |
Manufacturer's Logo | 60 | ✓ |
Client ID | 61 | ✓ |
End | 255 | ✓ |

6. Support Shortcut Keys:

Shortcut Keys | Functions |
---|---|
Ctrl + G | Position the cursor to the currently selected packet |
Ctrl + O | Open pcap file |
Ctrl + W | Close pcap file |
Ctrl + S | Save as new pcap file |
Alt + F4 | Exit program |
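
The DHCP option codes listed under item 5 are carried as a code/length/value sequence, and a capture tool has to walk that sequence over bytes it does not control. The following C++ sketch is an added example, not Kendo's own code; `DhcpOptions`, `parse_dhcp_options` and both byte arrays are constructed for illustration, and it shows the walk with the length checks that keep a truncated or malformed packet from causing an out-of-bounds read.

```cpp
#include <cstddef>
#include <cstdint>
#include <map>
#include <string>
#include <vector>

// Result of walking the options area (hypothetical type, not from Kendo).
struct DhcpOptions {
    std::map<uint8_t, std::vector<uint8_t>> values; // option code -> raw value bytes
    bool ok = false;     // true only when End (255) was reached cleanly
    std::string error;   // reason for failure when ok == false
};

// Walk the DHCP options area, i.e. the bytes after the 4-byte magic cookie.
// Fill (0, "Pad" in RFC 2132) and End (255) are single bytes with no length;
// every other option is: code, length, then `length` value bytes.
// Options parsed before an error are kept so they can still be displayed.
DhcpOptions parse_dhcp_options(const uint8_t* buf, size_t len) {
    DhcpOptions out;
    size_t i = 0;
    while (i < len) {
        uint8_t code = buf[i++];
        if (code == 0) continue;                          // Fill: skip
        if (code == 255) { out.ok = true; return out; }   // End: stop
        if (i >= len) { out.error = "missing length byte"; return out; }
        size_t n = buf[i++];
        if (n > len - i) { out.error = "length overruns buffer"; return out; }
        auto& v = out.values[code];
        v.insert(v.end(), buf + i, buf + i + n);  // repeated codes are concatenated
        i += n;
    }
    out.error = "no End option";
    return out;
}

// Constructed sample: Fill, DHCP Message Type = 1, Subnet Mask 255.255.255.0, End.
static const uint8_t kSample[] = {0, 53, 1, 1, 1, 4, 255, 255, 255, 0, 255};
// Constructed malformed input: option 51 claims 4 value bytes, only 2 follow.
static const uint8_t kTruncated[] = {53, 1, 1, 51, 4, 0, 0};

int main() {
    DhcpOptions good = parse_dhcp_options(kSample, sizeof kSample);
    DhcpOptions bad = parse_dhcp_options(kTruncated, sizeof kTruncated);
    return (good.ok && !bad.ok) ? 0 : 1;
}
```
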
This project is built using the C++ programming language, ensuring efficiency and high-performance capabilities in network packet capture and analysis.
Kendo, developed under the GNU GPLv2 license, operates with certain licensing provisions. To ensure clarity, please refer to the full text of the license found in the COPYING file, as it is the legally binding document. The following notes are intended to aid those unfamiliar with the GPLv2.
- Usage Restrictions:
  - There are no restrictions on the use of Kendo.
  - Restrictions apply to the distribution of Kendo in both source and binary forms.
- License Coverage:
  - Most components of Kendo are licensed under "GPL version 2 or later."
  - Some files may be subject to different licenses compatible with the GPLv2.
- Special Cases:
  - Certain utilities within the Kendo source have distinct licenses:
    - The WinPcap utility is licensed under the GPLv3+.
  - Despite these exceptions, only the tools themselves are subject to these licenses, and the output of the tools is not considered a derived work. Thus, the output can be safely licensed for Kendo's use.
- Library Distribution:
  - Parts of Kendo may be built and distributed as libraries.
  - These library components remain under the GPL and are not subject to the Lesser General Public License or any other license.
- Integration into Applications:
  - If you integrate all or part of Kendo into your own application, the application must be released under a license compatible with the GPL.
By adhering to these licensing terms, users and developers ensure compliance with the GNU GPLv2 license governing Kendo. It is advisable to consult the full license text for authoritative information on the legal aspects of Kendo's distribution and usage.
This product comes with no warranties, either expressed or implied. Users are advised to utilize the product at their own risk.
For inquiries or communication with the Kendo Team, please contact us at [email protected].