DivaShark - Monitor your Flow

Analyzing live network traffic is nothing new, but the tools still seem limited. Wireshark is great for post-capture analysis, but when the packets are coming at you live, nothing currently gives you stream- or session-level visibility. How many times have you clicked 'Follow this stream' only to have that stream update, forcing you to reprocess the entire PCAP? That's fine when it's just your machine, but when you're monitoring a network it limits your view and is a pain. As traffic volume grows, so does the problem, and life for your little netbook gets quite painful. Enter DivaShark - your live packet capture solution.

pause for uproarious applause and standing ovation

DivaShark is designed around live packet capture analysis. It breaks traffic down into connections/flows and lets you process them independently. It continues to parse the data as it comes in so that you can pay attention to the data you really care about. Its design allows you to process each stream live and perform actions such as extracting files or images. This project really came about after frustration with Wireshark while playing Capture the Packet the past two years, and is an answer to this sort of situation. What I'm proposing is that someone can kill capture-the-packet with this tool without breaking a sweat (yes this might be a challenge).
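To make the per-flow idea concrete, here is an added sketch (not DivaShark's code; `FlowTable`, `feed` and the sample packets are hypothetical names and constructed data) in which each arriving segment updates only its own flow and is scanned once for image signatures, even when a signature is split across two segments. It assumes payloads arrive in order with no retransmissions.

```python
from collections import defaultdict

# Well-known file signatures to flag inside a stream.
MAGIC = {b"\x89PNG\r\n\x1a\n": "png", b"\xff\xd8\xff": "jpeg", b"GIF89a": "gif"}
TAIL = max(len(m) for m in MAGIC) - 1  # bytes carried over between segments

class FlowTable:
    """Per-flow incremental state: each packet touches only its own flow."""
    def __init__(self):
        # flow key -> direction -> bytes seen so far and the last TAIL bytes
        self.flows = defaultdict(lambda: defaultdict(lambda: {"seen": 0, "tail": b""}))
        self.hits = []  # (flow key, direction, file type, offset in that direction)

    @staticmethod
    def key(proto, src, sport, dst, dport):
        # Canonical key: both directions of a connection map to one flow.
        a, b = (src, sport), (dst, dport)
        return (proto,) + (a + b if a <= b else b + a)

    def feed(self, proto, src, sport, dst, dport, payload):
        k = self.key(proto, src, sport, dst, dport)
        d = self.flows[k][(src, sport)]
        # Scan only the new bytes plus a short tail, so a signature split
        # across two segments is found without rescanning the whole stream.
        window = d["tail"] + payload
        base = d["seen"] - len(d["tail"])  # stream offset of window[0]
        for magic, kind in MAGIC.items():
            pos = window.find(magic)
            while pos != -1:
                if pos + len(magic) > len(d["tail"]):  # ends in the new bytes
                    self.hits.append((k, (src, sport), kind, base + pos))
                pos = window.find(magic, pos + 1)
        d["seen"] += len(payload)
        d["tail"] = window[-TAIL:]

# Constructed sample: two interleaved flows, PNG signature split across segments.
PACKETS = [
    ("tcp", "10.0.0.5", 40001, "10.0.0.9", 80, b"GET /a.png HTTP/1.1\r\n\r\n"),
    ("tcp", "10.0.0.7", 40002, "10.0.0.9", 80, b"GET /b.gif HTTP/1.1\r\n\r\n"),
    ("tcp", "10.0.0.9", 80, "10.0.0.5", 40001, b"HTTP/1.1 200 OK\r\n\r\n\x89PN"),
    ("tcp", "10.0.0.9", 80, "10.0.0.7", 40002, b"HTTP/1.1 200 OK\r\n\r\nGIF89a..."),
    ("tcp", "10.0.0.9", 80, "10.0.0.5", 40001, b"G\r\n\x1a\n\x00\x00\x00\rIHDR"),
]

def run(packets):
    table = FlowTable()
    for p in packets:
        table.feed(*p)
    return table
```
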

Presented by