How could I sniff network traffic in Java?

Asked 2/10, 2014 at 0:52 Answered 11/8, 2016 at 8:35

I was just looking around to find out how to make a program that would sniff my network traffic in Java, but I couldn't find anything. I wanted to know if there was any way to view the network traffic going by. I heard of an idea with a Socket, but I don't get how that would work. So anyways, just looking for an API or a way to write it myself.

EDIT: I would gladly like an API, but I would also like clarification on the way to sniff traffic with a Socket.

Rager answered 2/10, 2014 at 0:52 Comment(2)

You can't do it with a Java Socket. – Wartburg 2/10, 2014 at 1:45

@EJP, bjlee clearly just stated he did it with raw sockets in C++. Just pointing that out. – Rager 6/10, 2014 at 2:53

jpcap, jNetPcap -- those are pcap wrapper projects in Java.

Kraken -- similar project, well documented with lots of examples.

simple example from the Kraken web site:

public static void main(String[] args) throws Exception {
    File f = new File("sample.pcap");

    EthernetDecoder eth = new EthernetDecoder();
    IpDecoder ip = new IpDecoder();
    TcpDecoder tcp = new TcpDecoder(new TcpPortProtocolMapper());
    UdpDecoder udp = new UdpDecoder(new UdpPortProtocolMapper());

    eth.register(EthernetType.IPV4, ip);
    ip.register(InternetProtocol.TCP, tcp);
    ip.register(InternetProtocol.UDP, udp);

    PcapInputStream is = new PcapFileInputStream(f);
    while (true) {
        // getPacket() will throws EOFException and you should call is.close() 
        PcapPacket packet = is.getPacket();
        eth.decode(packet);
    }
}

Bettyannbettye answered 2/10, 2014 at 0:59 Comment(3)

This helped, but it would be great if you could clarify the way to do it with a Socket. – Rager 2/10, 2014 at 1:3

@JavaIsCool , I think the idea that use Socket is very painful to implement. It requires lots of networking knowledge including RAW sockets. Once I have implemented similar solution in C++ over RAW sockets, but I never recommend you to follow the similar steps. – Bettyannbettye 2/10, 2014 at 1:6

Is this a viable way to sniff a local machine's program's packets? I just wanna see what another program is receiving and sending... – Subcontinent 2/2, 2015 at 2:56

Another Java libpcap wrapper is https://github.com/kaitoy/pcap4j

Pcap4J is a Java library for capturing, crafting and sending packets. Pcap4J wraps a native packet capture library (libpcap or WinPcap) via JNA and provides you Java-Oriented APIs.

Spheroidicity answered 5/12, 2015 at 20:20 Comment(1)

this is the only one that is still maintained. – Faiyum 2/12, 2016 at 8:19

You need a packet sniffer api, maybe netutils is what you need:

The 'netutils' package gives a low level java network library. It contains extensive infrastructure for sniffing, injecting, building and parsing Ethernet/IP/TCP/UDP/ICMP packets.

Spacious answered 2/10, 2014 at 0:55 Comment(0)

-3

Not telling any API or java related thing but if you really want to only sniff data for analysis purpose then give try: WireShark. Its an application used for network analyse.

Its useful if someone is not aware of.

Coronagraph answered 11/8, 2016 at 8:35 Comment(0)

Recommended topics

Hot tags