TamoSoft: Network Analysis Tools & Security Software
Contents

LAN Analyzer and Protocol Decoder - CommView
Site Survey Tool - TamoGraph Next Page
 
Introduction
About CommView
What's New
Using the Program
Overview
Selecting Network Interface for Monitoring
Latest IP Connections
Packets
Logging
Viewing Logs
Rules
Advanced Rules
Alarms
Reconstructing TCP Sessions
Reconstructing UDP Streams
Searching Packets
Statistics and Reports
Using Aliases
Packet Generator
Visual Packet Builder
NIC Vendor Identifier
Scheduler
Using Remote Agent
Using RPCAP
Capturing Loopback Traffic
Port Reference
Setting Options
Frequently Asked Questions
VoIP Analysis
Introduction
Working with VoIP Analyzer
SIP and H.323 Sessions
RTP Streams
Registrations
Endpoints
Errors
Call Logging
Reports
Call Playback
Viewing VoIP Logs
Working with Lists in VoIP Analyzer
NVF Files
Advanced Topics
Capturing High Volume Traffic
Working with Multiple Instances
Running CommView in Invisible Mode
Command Line Parameters
Exchanging Data with Your Application
Custom Decoding
CommView Log Files Format
Information
How to Purchase CommView
Contacting Us

Packet Generator

This tool allows you to edit and send packets via your network card. To open the Packet Generator, click Tools => Packet Generator, or select a packet from the Packets tab, right-click on it, and select the Send Packet command.

 

pgen

 

Please note that the Packet Generator cannot and should not be used for sending application-layer TCP streams, i.e. it cannot take care of incrementing SEQ or ACK values automatically, adjusting checksums and packet sizes and so forth. If you need to send a TCP stream, you should use a Winsock-based application specifically designed for that purpose. The Packet Generator is a tool for replaying pre-captured data, testing firewalls and intrusion detection systems, as well as for performing other specific tasks that require manual packet crafting.

 

The Packet Generator allows you to change the packet contents and have the packet decode displayed in the left window as you edit it. You can create packets of any kind; you have full control over the packet contents. For IP, TCP, UDP, and ICMP packets, you can automatically correct the checksum(s) by clicking on the Sigma button. To assist you with packet editing, the Visual Packet Builder tool is also available; click on the corresponding button to invoke it.

 

You can also click on the button with an arrow on it to display the list of available packet templates. The program comes with TCP, UDP, and ICMP packet templates; using them is often faster than typing hex codes in the editor window. These templates contain typical TCP, UDP, and ICMP packets, but you would most probably want to edit many packet fields and use meaningful values that suit your needs, such as real MAC and IP addresses, port numbers, SEQ and ACK numbers, etc. You can use your own templates rather than the built-in ones. You can drag-and-drop a packet from the CommView Packets tab to the Templates section in the Packet Generator window. If you drop several packets into the Templates section, only the first packet will be used as a template. An entry named New Template will appear in the list of templates. You can rename a template by right-clicking on it in the list and selecting Rename. If you need to delete a template, right-click on it and select Delete from the pop-up menu. Selecting a template in the list will load the packet that it contains in the editor window where it can be edited prior to sending.

 

You can also place NCF files with the templates of your choice to the TEMPLATES subfolder in the application folder. If CommView finds NCF files (or just one of them) in the TEMPLATES subfolder, it will list them among the available templates in the drop-down list. These NCF files should contain only one packet per file, but if you use a file that contains many packets, CommView will load only the first one.

 

Once you have edited a packet, use the controls below to send it:

 

Packet Size – modifies the packet size.

Packets Per Second – controls the speed at which packets will be sent. Be sure not to send packets too fast if you have a slow connection. For example, sending a 1,000 byte packet 5,000 times per second is more than your 10Mbit NIC can handle.

Continuously – select this option if you want the Packet Generator to send packets continuously until you click Stop.

Time(s) – select this option if you want the Packet Generator to send packet a given number of times.

Send/Stop – click this button when you are ready to send packets or to stop sending them.

 

Working with multiple packets

 

You can use the Packet Generator to send multiple packets at once. To do that, just select the packets you want to send in the list and invoke the Packet Generator using the right-click menu, or drag and drop the selected packets to the Packet Generator window. Alternatively, you can drag and drop capture files in all supported formats directly to the Packet Generator window. When multiple packets are being sent, the packer editor and decoder tree become invisible.

 

Saving edited packets

 

If you edit a packet and would like to save it, just drag the decoder tree to the desktop or any folder, and a new file in NCF format containing the packet will be created. The file name is always PACKET.NCF. You can also drag the packet to the templates window. If you need to edit and send multiple packets, edit them one by one, each time dragging a new packet to the desktop and renaming it. After that, open a new Log Viewer window, drag-n-drop the edited packets from the desktop to Log Viewer, select them using the Shift button, and invoke the Packet Generator using the context menu.

 

WARNING:

 

1. Don't use the Packet Generator unless you know exactly what effect you want to achieve. Sending packets may produce unpredictable results, and we strongly recommend refraining from using this tool unless you are an experienced network administrator.
2. There should be at least one working computer on your LAN besides your own computer when you use this tool. Otherwise, you will experience severe delays in sending packets.