heise PlusAbo
Anzeige

Sniffnet 1.5: Which program is phoning home?

The open-source network monitor Sniffnet now assigns traffic to individual programs. Version 1.5.0 also brings blacklists and adapter previews.

listen Print view
Overview of a network monitoring application with traffic rate, network hosts, services, and programs.

(Image: Sniffnet)

3 min. read
iX Magazin
By
Contents

With version 1.5.0, the open-source network monitor Sniffnet shows for the first time which program on the computer is generating network traffic. The application also visualizes the activity of the network adapters on the start page, and users can set up their own IP blacklists. The release also brings extended filter options, persistent favorites, and improvements to configuration and stability.

Sniffnet is an open-source tool for monitoring and analyzing network traffic with a graphical interface. It relies on PCAP and visually represents connections, protocols, and data flows – as an alternative to command-line tools like tcpdump.

Traffic per program and live preview of adapters

Previously, Sniffnet displayed connections based on IP addresses, ports, and protocols. The new version adds process information to this view: users now see directly which local program initiated a specific connection. This facilitates troubleshooting and helps detect unexpected background communication from applications.

Also new is a live preview on the start page. Even before a capture is running, Sniffnet shows a diagram of the current utilization for each network adapter. This allows for quicker identification of which interface is currently active.

Videos by heise

Blacklists, favorites, and new CLI option

With custom IP blacklists, users can mark or hide specific addresses or address ranges – for example, known tracking services or suspicious destinations.

In addition to individual connections, favorites now also support services and programs and are retained across sessions. This allows frequently monitored services or critical endpoints to be kept in permanent view.

For automated environments, there is the new command-line option --config_path, which outputs the path to the configuration file. This is useful, for example, for scripts and debugging, such as in containers.

Technical improvements and bug fixes

Under the hood, Sniffnet switches to version 0.14 of the GUI framework Iced. The search filters on the Inspect page now support negation operators (! and !=) to specifically exclude certain values. The application validates configuration files more strictly when loading, for example, window parameters, scaling, or themes. Several translations have been updated, including Romanian, Japanese, Turkish, and Chinese.

Regarding bug fixes, the release improves the backward compatibility of configuration files. Additionally, Sniffnet now outputs a clear error message if a capture is attempted on an unknown adapter. Previously, it simply failed silently.

Details about Sniffnet 1.5.0 can be found by interested parties in the Release Notes on the GitHub project page.

(fo)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten