Home
Contents

NetResident - Network Content Monitoring Tool
Prev Page Next Page
 
Introduction
Overview
System Requirements
What Network Content NetResident Can Analyze
What’s New in NetResident 3.0
NetResident Architecture
Deploying the Application
Before You Begin: Network Visibility
Step 1: Deploying the NetResident Service and Console
Step 2: Deploying NetResident Agents
Ensuring Connectivity Between the System Components
Tips and Tricks
Setting Up the Database
Step 1: Creating a New Database and Configuration File
Step 2: Selecting an SQL Server
Step 3: Selecting a Database Location and Name
Step 4: Setting Database Access Token
Step 5: Summary
Working with NetResident
Events
Connections
Alerts
About
Understanding the Difference Between the Display and Capture Filters
Remote Connections
Aliases
Workspaces
Adding Exceptions to NetResident Agents
Manual SQL Server Installation
Analyzing Imported Capture Files
Frequently Asked Questions
Sales and Support

What Network Content NetResident Can Analyze

NetResident can analyze dozens of protocols. The table below summarizes its protocol analysis capabilities.

Short Name

(used in the interface)

Protocol(s)

Description

Web

HTTP, HTTPS

Web contents, such as Web pages. Used mostly by Web browsers.

FTP

FTP

File transfer protocol. Used for downloading and uploading files from/to FTP servers.

Mail

POP3, SMTP, IMAP

Sending and receiving e-mail.

Telnet

TELNET

Telnet console communications.

News

NNTP

Reading and posting news to newsgroups.

ICQ/AIM

ICQ/AIM

Used in ICQ, Pidgin, Miranda, QIP, and a few other instant messaging applications.

Jabber

XMPP

Used in Psi, Gajim, Pidgin, Miranda, and many other instant messaging applications.

IRC

IRC

Used in KVIrc, mIRC, XChat, and many other applications.

Yahoo

Yahoo Messenger Protocol

Used in Yahoo Messenger

WebMail

Web-based E-mail Systems

Sending and receiving e-mail using Web-based services. Currently, NetResident supports Gmail, Live mail, AOL, Yahoo! Mail, Web.de, Gmx.de.

WebSocial

Social Networks

Posting messages in social networks. Currently, NetResident supports Twitter, Facebook, LinkedIn, MySpace, Xing, Google+, Tumblr, StudiVZ, MeinVZ, VKontakte, SchuelerVZ, Odnoklassniki, LiveInternet, and LiveJournal.

FileShare

File Sharing Systems

Downloading and uploading files from/to file sharing services.

OWA

Outlook Web Access

Sending e-mails in Outlook Web Access.

iCloud

iCloud

Files downloaded from iCloud.

MRA

Mail.ru Agent

Messaging and group chats in Mail.ru Agent.

VoIP

VoIP

Voice calls using SIP and H.323 protocols and RTP voice streams.

Encrypted Traffic Analysis

Unlike standard, non-encrypted network traffic analysis that can be performed passively, encrypted traffic analysis requires rather complex proactive interception techniques. To perform encrypted traffic decryption, NetResident acts as a “middleman” between the client and server.

Specifically, for each encrypted connection, NetResident generates a new temporary certificate that is signed using a self-signed root certificate. The root certificate is installed as a trusted certificate if/when you install NetResident agents.

While this method is very efficient for encrypted traffic analysis, some users might consider it excessively intrusive and insecure, as NetResident becomes capable of intercepting all the encrypted communications on the computers on which agents are installed. If you do not trust NetResident and do not want this interception to occur, do not install NetResident agents.