LanDetective User Interface - Monitoring View

Right after data has been intercepted and processed by LanDetective Internet Monitor, the application records it to log. Thus, log is being updated continuously as new captured data comes in. The Monitoring View mode allows viewing the data capturing process in progress. In this mode, information on data that has just been captured is shown on the tabs. The information appears as list, which updates automatically as new captured data arrives. Each row on the list corresponds with a certain log entry in log. As the information is taken from log, which can contains a huge number of records, and since computer memory is limited, the maximum number of rows that can be shown in the Monitoring View is limited to 100. In other words, only 100 most recent log records can be displayed in the view mode. To let you see the latest records, the list is purged every time you start the application.

To see the entire log, use the Log View mode.

WEB Tab

In the Monitoring View mode the WEB tab displays a list of entries with the following columns (some of the columns are hidden by default):

  • Date – date the entry was added to the log
  • Time – time the entry was added to the log
  • NIC – identifier of the network adapter the data was intercepted from
  • Client MAC – MAC address of the client computer
  • Client IP – IP address of the client computer
  • Server IP – IP address of the server that the client computer connected to
  • Server Port – TCP port the connection was made to
  • Size – downloaded/transferred file size
  • Media type – MIME-type (content type) of the intercepted file. For example, image/gif for an image of the GIF format, text/html for a file of the HTML format. You can see the list of basic types at IANA
  • Host – name of the host the connection was made to
  • Request – HTTP request sent by the client to accept/transfer data
  • Local File – name of the local file to which intercepted data was saved to

The appearance of the list can be set up via the context menu, which can be opened by right-clicking on the list header.

The preview pane below the list shows the content of the intercepted file, which you can select by clicking on the corresponding row on the list. LanDetective Internet Monitor allows viewing files of different types. You can view images and text files, listen to audio files, watch videos, etc. When viewing HTML files, LanDetective Internet Monitor will show the pages with images, applied CSS styles and included other external resources. No connection to the Internet will be established; all the resources will be loaded from a local database.

Besides the content of the intercepted files, you can see HTTP headers sent and received by the client. To view HTTP headers, click Details on the toolbar of the preview pane. If HTTP headers include any Base64 - encoded passwords for accessing the web site, you can view it by clicking on Show the login/password... To return to the content of the file, click on the Preview button.

You can also print content from the preview pane. To do that, right-click on the window and then select the corresponding option in the context menu.

FTP Tab

In the Monitoring View mode the FTP tab displays a list of entries with the following columns (some of the columns are hidden by default):

  • Date – date the entry was added to the log
  • Time – time the entry was added to the log
  • NIC – identifier of the network adapter the data was intercepted from
  • Client MAC – MAC address of the client computer
  • Client IP – IP address of the client computer
  • Server IP – IP address of the server that the client computer connected to
  • Server Port – TCP port the connection was made to
  • Size – downloaded/transferred file size
  • Account – account used by the client for connecting to the FTP server (for example, Anonymous)
  • Request – FTP command sent by the client to accept/transfer the file
  • Local File – name of the local file, which the intercepted file was saved to

The appearance of the list can be set up via the context menu, which can be opened by right-clicking on the list header.

The preview pane below the list shows some details on the intercepted file, which you can select by clicking on the corresponding row on the list.

MAIL Tab

In the Monitoring View mode the MAIL tab displays a list of entries with the following columns (some of the columns are hidden by default):

  • Date – date the Email entry was added to the log
  • Time – time the Email entry was added to the log
  • NIC – identifier of the network adapter the data was intercepted from
  • Client MAC – MAC address of the client computer
  • Client IP – IP address of the client computer
  • Server IP – IP address of the server that the client computer connected to
  • Server Port – TCP port the connection was made to
  • Protocol – used email protocol/service (SMTP, POP3, IMAP, GMAIL, HOTMAIL)
  • Size – sent/received e-mail message size
  • Sender - e-mail sender's address
  • Recipient - e-mail recipient's address
  • Cc – email copy recipients' addresses
  • Subject – message subject
  • Local File –name of the local file the intercepted email was saved to

The appearance of the list can be set up via the context menu, which can be opened by right-clicking on the list header.

The preview pane below the list shows the content of the intercepted email, which you can select by clicking on the corresponding row on the list. If the email contains any attachments, you will see them also.

Besides the intercepted email content, you can see email headers (RFC 822). To see the headers, click on the Details button on the toolbar of the preview pane. To return to the content of the e-mail message, click on the Preview button.

You can also print the content from the preview pane. To do that, right-click on the window and choose the corresponding option on the context menu.

CHAT Tab

In the Monitoring View mode the CHAT tab displays a list of entries with the following columns (some of the columns are hidden by default):

  • Date – date the chat entry was added to the log
  • Time – time the chat entry was added to the log
  • NIC – identifier of the network adapter the data was intercepted from
  • Client MAC – MAC address of the client computer
  • Client IP – IP address of the client computer
  • Server IP – IP address of the server that the client computer connected to
  • Server Port – TCP port the connection was made to
  • Protocol – chat service used (MSN, YAHOO, ICQ, AIM, IRC or MAIL.RU).
  • Size – sent/received chat message size
  • Sender - message sender identifier (depends on the chat type)
  • Recipient - message recipient identifier (depends on the chat type)
  • Message – intercepted chat message text

The appearance of the list can be set up via the context menu, which can be opened by right-clicking on the list header.

The preview pane below the list shows the content of the intercepted chat message, which you can select by clicking on the corresponding row on the list.