Network capture tools can be useful for all kinds of reasons: troubleshooting, security, system optimization, or just to keep a better record of your online activities.
Setting them up and making sense of their reports can often be tricky, of course, but it doesn’t have to be this way. York, while far from perfect, offers easier than usual setup and in-depth logging of your traffic, and so could be very useful as a first network capture tool.
As with many similar programs, for instance, York uses WinPcap to handle the traffic logging basics. But you don’t have to worry about finding or downloading this: York will install it for you.
This good first impression is spoiled a little because York doesn’t intelligently decide which network adapter to monitor. And so you may not see any logged data until you choose this manually (click Options, Network Adapter, click the adapter to be monitored). But with that done, you should immediately be able to see the details of any captured network traffic.
The Packets tab displays the basic details, for instance: date and time of a connection, local and remote IP addresses, ports and traffic size.
The Passwords tab sniffs out HTTP, FTP, POP3, SMTP, SMB, VNC and AIM passwords. So if you need to know an email account password, say, and your email client has it stored but won’t otherwise tell you what it is, then just run the program, collect any new messages, and York will capture and display all your user names and passwords.
The program can also sniff out and save copies of the images you view, and the files you access. Which could be useful both as a backup record of some web research (you won’t have to remember to save copies of everything as you go along), or as a way to see exactly what others might be doing on your PC. (This isn’t enabled by default, though: click Options, Logging and check “Log & Save HTTP/FTP files…” to turn the feature on.)
And if you’re a network guru then there are plenty of other settings you’ll appreciate here. York can log UDP, ICMP and NetBIOS packets, for instance, as well as TCP traffic. You’re able to save captured traffic in a PCAP file for analysis elsewhere, or open an existing PCAP file to find out more about any logged activities.
The program still has its problems. The interface doesn’t always work as you expect, for instance, and occasionally you’ll need to explore the Options dialog to try and find out how to modify its behaviour accordingly. It’s compact, free and generally easy to use, though, so if you’re interested in network capture but have been put off by the complexity of other tools, then York may be worth a closer look.
Photo Credit: olly/Shutterstock