A big problem with network connections is that you don't know if the data you send will arrive at its destination exactly the same way. In this way, packages could be unchanged, lost or even new ones inserted on the way. With PcapDiff it should now be possible to detect various errors, problems or attacks. For this purpose, a recording of the traffic is made on the transmitter and receiver side and these two pcaps are compared. Of course, the program is especially interesting for system administrators, who can debug and analyze their networks with it. It is also aimed at security specialists who can use it to evaluate their own developments. But also for the "normal" user PcapDiff is of interest, because everyone is affected by censorship, errors and attacks and PcapDiff uncovered these.
With PcapDiff it will be possible to visualise the differences between two Pcap files. (... visualise the network communication between two peers.) Two Pcap dumps can be loaded into the program, one from the sender and one from the receiver side. The two dumps will be analysed, visualised and matched to highlight packets that got lost, modified or added on their way from sender to receiver.
We build a Website for the project which provides information about the project and explains the motivation behind the project.
Screenshots of the Project