| |
 |
NetResident uses a protocol module plugin system for processing and displaying network events. Every plugin is responsible for processing one network protocol or a number of protocols. NetResident installation package comes with the following protocol plugins:
| · | Web – processes the data transmitted over the HTTP protocol. This plugin is responsible for displaying Web pages.
|
| · | Mail – processes the data transmitted over the POP3, SMTP, and IMAP protocols. These protocols are used by e-mail client and server software for e-mail message exchange.
|
| · | News – processes the data transmitted over the NNTP protocol. This protocol is used for newsgroup message posting and viewing.
|
| · | ICQ/AIM – processes the data transmitted over ICQ and AOL instant messaging protocols.
|
| · | MSN – processes the data transmitted over the MSN Instant messaging protocol version 8.
|
| · | FTP – processes the data transmitted over the FTP protocol used for downloading/uploading files from/to FTP servers.
|
| · | Yahoo – processes the data transmitted over Yahoo instant messaging protocol.
|
| · | Jabber – processes the data transmitted over XMPP protocol. This protocol is used for instant messaging by various Jabber clients, including Google Talk. Please note that the Jabber plugin is unable to capture SSL-encrypted messages.
|
| · | IRC – processes the data transmitted over Internet Relay Chat protocol.
|
| · | Telnet – processes the data transmitted over Telnet protocol.
|
| · | VoIP – processes the data transmitted over SIP protocol using RTP voice streams.
|
| · | WebMail – processes e-mail messages sent or received via the Web interface of Web-based mail systems (GMail, Hotmail, and Yahoo! Mail are supported).
|
| Note: The Web plugin is required for WebMail to operate properly.
|
| Note: Playback of captured voice streams is not available to Lite License users.
|
The plugin modules are located in the "Plugins" subfolder in the application folder. By default, all plugins are enabled and active, i.e. they process network data and save it to the database. If you are not interested in processing and storing the data transmitted over certain protocols, you can disable the corresponding plugins in order to decrease CPU load and disk space utilization.
Additional plugin modules from TamoSoft can be added to NetResident as they become available. You must put the plugin module file to the "Plugins" subfolder in the application folder. After adding a plugin, you need to restart the NetResident service to load the new module. Click on the Stop NetResident Service / Start NetResident Service items in the NetResident program group to restart the service.
Some NetResident plugins may be configured. To configure a plugin, Select Events => Filter => Advanced. Go to the Plugins tab. Select the desired plugin and click the Change button. At this moment the HTTP plugin supports configuring:
HTTP plugin filter
Displaying a Web page requires a large amount of auxiliary files to be loaded by a browser automatically when opening the web page. The purpose of this filter is to hide all auxiliary files in order to reduce the amount of displayed records.
Please check the Enable filtering box for the HTTP filter to become active. If you would like to temporarily disable the filter, uncheck this box.
The Show the following types list allows you to specify the file types that will (or will not, depending on the settings) be shown as network events.
| · | Text files – text and html files (Web pages)
|
| · | Well-known files –archives (.zip, .rar, .arj, etc.), MS Office documents (.doc, .xls) and other well-known files won't be displayed when this box is checked
|
| · | Audio files – audio files
|
| · | Video files – video files
|
| · | All other – any other file type
|
Unchecking the corresponding boxes will make NetResident hide the respective files from the event list. For instance, if you uncheck the Images box, you won't be able to see any images on the list. Unchecking the corresponding boxes will make NetResident remove the respective file types from the list. If you uncheck all boxes, you won't see HTTP network events at all.
Minimum image size, Kb – this option sets the minimum size the image must match to be displayed. Most images on the web (except photos) are quite small. If you would like NetResident to display images, but you don't want to see banners and page elements, set the desired value in this field.
Ignore responses with errors – when enabled, this option hides error requests/responses (most users should enable this option to reduce the amount of junk records).
Another part of the HTTP filter is site address filtering. It allows you to hide specific sites using their name as the filter criterion.
Hide the following sites – enables/disables site address filtering.
When enabled, the site address filter will hide all sites meeting the filtering criteria (specified in the Site Address Filtering frame). Please use the following basic syntax for specifying filter criterions:
. – any symbol
\. – the dot symbol
\d – a digit (from 0 to 9)
NetResident uses standard regular expressions for filtering. You can find more information regarding regular expressions and their syntax at http://www.regular-expressions.info/reference.html
Criteria examples:
Google\.com – hides sites containing "google.com" in their domain name
www\.google\.com – hides "www.google.com"
\.org$– hides all sites from the .ORG domain
\d – hides all sites that have a digit in their domain name
Note: If you only specify the domain as a criterion (.org, .com, etc.), the $ character should be placed at the end of the string.
To add a filter criterion, please click the Add button on the right side of the window.
The Add Record window will open. Please specify a desired criterion and click on the OK button. The window will close and the respective record will be added to the filter criteria list.
To remove a record, please select it in the list and click the Remove button. To edit a record, select the desired record and click the Edit button.
|
