Network Monitor 0.3.0
This iteration of our Beta release and includes several improvements focused on the Data Explorer and the initial user experience.
New Features since 0.2.0:
– New Data Explorer report definitions allow users to create function-based columns
– Data Explorer report editor shows report preview as edits are performed
– Streams detail view includes a new viewer for audio streams
– Users can now filter to a single stream from the streams grid
Enhancements since 0.2.0:
– Data Explorer report generation performance improvements (specifically related to app associations)
– Improved useability for first time users (Pre-compiled engine dictionary, fewer warnings enabled by default)
– Support for one-sided RTP video streams
– Added file type display to Content Explorer documents tab
Network Monitor 0.2.0
After months of development, we at Recon are excited to release version 0.2.0 beta of Network Monitor Professional! Like the impending production release, the new beta is a free, fully-featured standalone network forensics application. There is no trial period, no disabled features, no usage limit, and no pestering advertisements.
New Features since 0.1.0:
– Added document (SMB) and email displays in the Content Explorer
– Added disk usage to file upload display
– Added support for software updates in the About section
Enhancements since 0.1.0:
– Improved scrolling performance on Devices, Streams, and Content Explorer
– Updated Streams, Devices, and Content Explorer page data loading
– Added item counts to Content Explorer tabs
– Improved Content Explorer rendering performance
– Updated Content Explorer to display images transferred over SMB or email
– Varied UI page rendering performance improvements
– Updated Memory Usage display on the Capture page
– Updated stream “info tray” implementation
– Fixed Geo display in Stream Details Info Tray
– Improved App Server data ingest performance from engine
– Resolved resource leaks impacting performance in the Application Server
– Improved engine detection of email attachments
Network Monitor 0.1
Introducing Recon Network Monitor 0.1!
The team at Recon has been looking forward to this moment for over two years, and it’s finally here. We are so proud to bring you a new way to understand what is happening (and has happened) on your network. Network Forensics has long been a specialized skill requiring a patchwork set of tools and custom capabilities. The Recon Network Monitor is now your single, easy to use starting point for network visibility.
Our small team of network and software engineers has been creating specialized network monitoring capabilities for years. This initial release provides a tremendous amount of capability, and our roadmap is full of new features, so expect to see things growing quickly. We’ll be on the forums all the time – join us there to get help, suggest a feature, or see how others are using the network monitor.
What’s new in Recon Network Monitor 0.1?
There is so much to introduce, so we’ll start with the highlights
Live collection and PCAP file processing
Whether you have a live feed of packets from a network, or have collected data lying around in pcap files, the Recon Network Monitor can process those packets and visualize them in a way that will help you quickly and easily find what you are looking for.
TCP and UDP stream reassembly
The packet processing system dynamically reconstructs all TCP and UDP streams as they are being processed. The reconstructed streams can be rendered in many formats, including a raw hex view, a web page viewer, video and audio viewers.
Powerful and Extendable Rules Engine
Strings and regular expressions can be used to identify and label metadata in real time. Use the rules to identify applications, match specific user activity, and look for policy violations. If you need specific metadata that hasn’t been defined yet, you can create your own rules to pull out new data from the network traffic.
The rules for application signatures allow you to see exactly what devices are running what applications on your network. Do you run applications that we don’t have a signature for? Easily create a rule for your network specific application.
Data and Content Explorer
The data explorer provides summary reports for any of the hundreds of metadata fields that we have defined, or the unlimited fields you have defined as rules. The content explorer shows unencrypted web pages, images and videos, reconstructed as closely as possible to how it was originally intended to be seen.
Want to use Recon Network Monitor with your existing tools? Export metadata and content in a variety of standard formats.
Thanks for downloading and trying the Recon Network Monitor – we hope that you’re as excited to use it as we are to give it to you! Follow the blog on our website and forums for updates, and we’ll be listening for your feedback.