What is NetBee?

NetBee is a new library intended for several types of packet processing, such as packet sniffing and filtering, packet decoding, and traffic classification (not ready yet).

NetBee provides a set of modules that can be used by applications that need to process network packets. Instead of creating some custom code in your application for packet processing, you can use the functions exported by NetBee.

This library is made up of several components. It includes several objects for packet decoding, packet sniffing and filtering, traffic classification (not ready yet), and some miscellaneous utilities. Additionally, it includes some components (such as the NetPDL protocol definition language, the NetVM packet processing virtual machine) that are used to do its job, but their knowledge is not required from programmers using NetBee. For a list of features that are present in NetBee, please look at the introduction page.

Why NetBee?

NetBee is a powerful library for generic packet processing. NetBee is created by the same research group that created WinPcap, the de-facto standard for sniffing packets in Windows. However, WinPcap architecture (which is derived from its UNIX ancestor, libpcap) is rather old and it does not fit for nowadays needs. WinPcap is a perfect choice in case you need a powerful library for sniffing packets with cross platform compatibility (WinPcap and the UNIX-based libpcap are almost fully compatible). However, the architecture behind WinPcap (and libpcap) has not been engineered for supporting extensions and new modules for other kinds of processing in addition to packet sniffing.

This is the reason of NetBee: we feel that the effort needed to expand and update WinPcap cannot pay in the long term. We believe that the best choice is to create a new library from scratch, with a completely new architecture (object-based, for instance), open to extensions and ready to fit to new needs. NetBee, in fact. This guarantees an high degree of freedom but, of course, it will often lead to un-tested code due to the relative poor maturity of the library.

If you start using NetBee and you used WinPcap in the past, you will see that the interface (which is object oriented) is much cleaner than its ancestor. You can find it is pretty easy to read packets from the network as well as from a file or from some other source. This is due to the object-oriented architecture of NetBee. You will be surprised how easy is to use NetBee in your programs.

Please note that NetBee is highly experimental at the current stage; no guarantees are given that the API will not change in the future. Therefore, the current release must be intended as a proof of concept in order to share some ideas with the research community.

http://www.nbee.org/doku.php

网络包处理工具NetBee的更多相关文章

  1. iperf/netperf网络性能测试工具、Wireshark网络包分析工具

    iperf   http://www.linuxidc.com/Linux/2014-05/101160.htm netperf  http://www.linuxidc.com/Linux/2013 ...

  2. [转]网络性能评估工具Iperf详解(可测丢包率)

    原文链接:安全运维之:网络性能评估工具Iperf详解:http://os.51cto.com/art/201410/454889.htm 参考博文:http://linoxide.com/monito ...

  3. Python黑帽编程1.3 Python运行时与包管理工具

    Python黑帽编程1.3  Python运行时与包管理工具 0.1  本系列教程说明 本系列教程,采用的大纲母本为<Understanding Network Hacks Attack and ...

  4. ios 抓取真机的网络包

    一直被如何从真机上抓包所困扰!今天偶然看到了最简单有效的方法!分享一下: 原地址链接 http://blog.csdn.net/phunxm/article/details/38590561 通过 R ...

  5. 可视化数据包分析工具-CapAnalysis

    可视化数据包分析工具-CapAnalysis 我们知道,Xplico是一个从pcap文件中解析出IP流量数据的工具,本文介绍又一款实用工具-CapAnalysis(可视化数据包分析工具),将比Xpli ...

  6. Bower —— 一个Web的包管理工具

    作者:江剑锋   github地址:https://github.com/bower/bower Bower为何物 Bower是一个Web开发的包管理软件.前端开发中,或多或少,都会以来于现成的fra ...

  7. Linux命令行抓包及包解析工具tshark(wireshark)使用实例解析

    在Linux下,当我们需要抓取网络数据包分析时,通常是使用tcpdump抓取网络raw数据包存到一个文件,然后下载到本地使用wireshark界面网络分析工具进行网络包分析. 最近才发现,原来wire ...

  8. Python包管理工具——pip

    目录 Python pip pip相关命令 解决pip相关问题 Python pip Python最让人的喜欢的就是它有丰富的类库和各种第三方的包,而对于这些包的下载.删除等管理操作,就要用到包管理工 ...

  9. 转载: 一、linux cpu、内存、IO、网络的测试工具

    来源地址: http://blog.csdn.net/wenwenxiong/article/details/77197997 记录一下 以后好找.. 一.linux cpu.内存.IO.网络的测试工 ...

随机推荐

  1. Java虚拟机工作原理详解 ( 二 )

    首先这里澄清两个概念:JVM实例和JVM执行引擎实例,JVM实例对应了一个独立运行的Java程序,而JVM执行引擎实例则对应了属于用户运行程序的线程:也就是JVM实例是进程级别,而执行引擎是线程级别的 ...

  2. react-native 的微信SDK辅助包,支持微信登录、微信分享、微信支付

    微信SDK集成示例,现已完成微信授权登录,之后将陆续包装分享等其他功能. ReactNative高级交流群 127482131 或访问  http://blog.1ygowu.com ReactNat ...

  3. 深入了解Ant构建工具 命令

    深入了解Ant构建工具 标签: ant工具任务jarjavaclass 2010-05-29 21:16 1346人阅读 评论(2) 收藏 举报 版权声明:本文为博主原创文章,未经博主允许不得转载. ...

  4. 一道c语言运算符优先级问题

    一道c语言运算符优先级问题 #include <iostream> using namespace std; int main() { char test[] = {"This ...

  5. 用virtualenv管理python3运行环境

    1. 简介 virtualenv可以用来管理互不干扰的独立python虚拟环境,在有些场景下非常有用,例如: 你有两个python项目,一个是python2.7的,另一个是python3的,可以创建两 ...

  6. beta阶段140字评论

    第一组 奋斗吧兄弟  有三种生态环境可以选择,动物还可以放大缩小,增加了许多趣味性.寓教于乐 第二组金州勇士   考试系统很贴近学生生活,不过这种系统现有也挺成熟了,其实我觉得做一个报考系统可能更讨喜 ...

  7. 浪潮之巅IT那点事之一——AT&T的兴衰

    首次接触到<浪潮之巅>这本书,几乎是熬了一个通宵把上下两册全部看完,感慨颇多.从事计算机基础教育多年,每次在讲计算机导论课程时,总是在重复同样的内容,讲一些计算机结构.操作系统.算法.软件 ...

  8. coreData,sqlite3,fmdb对比

    core data   core data 基于model-view-controller(mvc)模式下,为创建分解的cocoa应用程序提供了一个灵活和强大的数据模型框架.   core data可 ...

  9. Socket网络编程--FTP客户端(1)(Windows)

    已经好久没有写过博客进行分享了.具体原因,在以后说. 这几天在了解FTP协议,准备任务是写一个FTP客户端程序.直接上干货了. 0.了解FTP作用 就是一个提供一个文件的共享协议. 1.了解FTP协议 ...

  10. cryptDB安装分析

    cryptDB的安装脚步是用ruby语言写的,由于这里对ruby语言不熟悉,只能做简答的分析.我们先看看cryptDB的目录结构. 主要的目录有bins.doc.main.udf目录,下面我们通过分析 ...