+---------------------------------------+ | Product : Visual SNMP Traffic Monitor | +---------------------------------------+ 1.0 Eval Restriction --------------------- The evaluation version of this software is a fully functional product, however it will cease to operate after thirty (30) days; please contact NuDesign to purchase the full version of this product. 2.0 Contact Information ------------------------ Tel: (416) 737-0328 Fax: (416) 445-9101 Email: contact@ndt-inc.com Web: http://www.ndt-inc.com 3.0 Installation Notes ---------------------- On Windows 2000 and XP, Visual SNMP Traffic Monitor should be installed by a user that is a member of the "Administrator"'s group to be successfully installed. Visual SNMP Traffic Monitor also requires that the user have file "Write" & "Modify" privileges in the installation directory to operate Visual SNMP Traffic Monitorfully. By default, a user that is exclusively a member of the "Users" group will not have sufficient privileges to operate completely. There are three areas that are affected by having insufficient privileges. These are - You will not be able to change the installed V3 configuration. - The actions instructed by installation MIBrowser.INI will be re executed each time Visual SNMP Traffic Monitor starts. - MIBrowser.log will not be updated correctly. To have the correct file permissions on XP Home or XP Professional that is configured for "Simple File Sharing", Visual SNMP Traffic Monitor must be installed in a directory under the "Shared Documents" folder if the user executing Visual SNMP Traffic Monitor is exclusively a member of "Users". The directory should then have the read-only attribute removed. On Windows 2000 and Windows XP Professional (that is not configured for "Simple File Sharing"), "Modify" and "Write" file privileges can be changed for either an individual or the entire group. To change privilege level on a particular directory, navigate to that directory from Windows Explorer and right click on the directory and select the "Properties" menu item. In the Properties dialog for the directory, select the "Security" tab. If the user or group is not already listed, press the "Add..." and add the group or user, pressing "OK" when done. Now select the user/group item and ensure that the Modify and Write attributes are checked. Press "OK" to complete the change. Please refer to Microsoft help for more information on sharing files and changing file or directory permissions. 4.0 Version History ------------------- ver 5.0 Oct.26, 2017 --------------------- - add auth protocols SHA224/256/384 & 512, priv protocols AES192/256 & 3DES-EDE. - note SHA224 support is conditional to user providing OpenSSL library, 32 bit libeay32.dll in \Windows\SysWow64 - add presentation of the local keys in USM User table (hidden by default) with option to copy to clipboard. - add refresh to USM User table with changes. - correct problem with retaining MIB search paths. - correct problem problem in Tools | Options | Compiler. - add load option for capture files. - add search option to SNMP data in the Analyzer - add additional digit of precision to Analyzer time. - remove duplicated lines from Analyzer frame list that could occur with some versions of WinPCap. - improved V3 REPORT detection in encrypted frames in the Analyzer - add tenths of seconds to time ticks presentation. - add checking for duplicate object syntax when using "MIB" presentation setting. - add ID, USM User & EngineID columns to Analyzer. - add encryption preprocessing to present request/report types before navigating to a frame item. - correct problem with display filters when analysis of aes encrypted frames is required. - change registry validation mechanism. - change Message flags to present noAuthNoPriv, authNoPriv, authPriv in additional to reportable. - add command line (startup) specification of a particular XNV file. - add command line option (-askconf) to ask user to select a particular XNV file. - correct loading of SMI MIB with just traps defined. - add check for running at less than administrator privilege level and warn user. ver 4.2 Sept.13, 2012 --------------------- - remove CreateRow & DeleteRow from mouse menu in Browse tree when input focus is on a table. ver 4.1.2 July 9, 2012 ------------------------ - correct index display with InetAddress so that conversion to 'string' is not performed when option is checked. - add REPORT type display for encrypted frames in the Analyzer Frames list, once it has been analysed once. - add Ctrl PageUp/Page down operation in Analyzer list view that invokes decoder on the paged list to populate additional decoded information into the list view. - add PCap capture filters for loading captured files. - correct an issue with incorrectly detecting non-volatile corruption. ver 4.1.1 ------------------------- - internal release ver 4.1.0 Mar. 29, 2012012 ------------------------- - correct usage of control so that no interfaces are used before the control is Init() capture file could not be created, causing the capture to cease, but with the configuration button disabled so the file capture spec. could not be corrected. - add ability to search Analayzer frame list. ver 4.1.0.0 Feb. 28, 2012 ------------------------- - shorten minimum time splash screen is visible from 10 to 4 seconds. - stop spurious pop up of ASN.1 window on searches that stop on a node due only to the node name. - prevent crashes that occurs when there is no active child window during a Find 'Next' - correct condition where input focus could leave a tree view during a search without user input, causing 'Next' searching to stop. - correct searching which found a substring of a synatx name in a search string instead of vice versa, leading to incorrect finds. Eg. Finding nodes with SYNTAX"TAddress" when searching for "InetAddress" - correct clearing MIB repository when there's an error condition during start up. - add configuration read and write time stamps for determing whether a possible configuration problem has occurred. Message pop occurs when the last read is newer than last save to ask the user if they'd like to revert to a backup configuration. - optimize module and mib node look up by using MIBLoader control functionality instead of MIBrowser - Add Find and Find next to Analyser "Frames" list view and form via menu and key presses. - add display of string to OctetString values in Frame window when data appears to be a string. - minor clean up on splash screen. - ensure nodes above org(3) aren't expanded on startup. - correct Device Type management so that it is initialized when the configuration dialog is displayed from "Edit | Snmp Agents". - add an additional generation of registry backup. Named MIBrowser-bak-bak.reg. - correct problem entering IPv6 addresses in capture filters ver 4.0.2, Sept. 13, 2010 ------------------------- - add IPv6 support ver 3.6.2 Jan. 11, 2010 ----------------------- - allow changing the checked status of a range of "Alarm Log" entries. - change "Tools | Options | USM Users" will ensure the selected item is visible when sorting a column. - update copyright notice ver 3.6.1 June 4, 2009 ---------------------- - correct problem placing module in the incorrect version "Unloaded Modules" sub tree under the "Modules" table when duplicate modules were found and the duplicate was of a different SNMP version. - add MODULE name branches for loaded V1 traps in the "Components" tab. - fixed crash caused when trying to paste into a read only MIB "View". - correct presentation issue in sysObjectID column in Agent Discovery window. - enable delete use in all Tools | Options ... tables. - correct problem in Edit SNMP Agents where incorrect message appeared when adding new agent sessions about agent already existing with the given parameters when it didn't really. - ensure USM User passwords are a minimum of 8 characters. ver 3.5 ------- - internal release ver 3.4.2 Apr. 7, 2008 ---------------------- - correct problem with Favorites menu. ver 3.4.1 Feb 20, 2008 ---------------------- - rebuilt for V3 SNMP control v3.7. This corrects a problem that may occur using AES and some vendors agents. - change dynamic popup menu management so that they don't contribute to the main forms control count. - remove artifact frame from "Tools | Options ... | Alarms" - change formating of alarm to use checks to indicate unacknowledged alarms. - change evaluation version to new splash screen. - add "View | Tree" sub menu so that individual tree tabs can be turned off. - change Favorites menu so that individual favorites are presented in a sub menu. ver 3.4 Feb.5, 2008 ------------------- - rebuilt for V3 SNMP control v3.6. This new control no longer relies on libeay32.dll for AES services for Vista, Windows 2003 or XP, therefore it is no longer installed. On Windows 2000 and earlier OSs, users will have to install the libeay32.dll, if AES128 privacy decryption is required. libeay32.dll is readily available for download from the Internet. - change to new splash screen. ver 3.3 Nov. 21, 2007 ----------------------- - expose several interface switches for the MIB compiler to permit more loading flexibility. - Add option to include directories the user loads MIBs from to the list of searchable directories. Default: on. Previously directories were always added. - Change to enable multiple selection and deletion in the USM User table. - Correct run time error that occurs if attempting a browse menu operation from a table that doesn't have the 'Entry' defined for it. - Correct issue that if a user dragged & dropped a node from Browse tree to the ASN1, the node would be removed from the tree. Dragging & dropping is noe prevented into the ASN1 window. - Correct issue where exact match searches was matching substrings in object descriptions. - Correct presentation problem with ASN.1 window is closed maximize and MIBrowser is opened, ASN.1 title bar becomes occluded. - Correct a problem that occured when processing a 'LoadMIB' in a MIBrowser.ini file with a group name and the MIB was already loaded. ver 3.2.0 Apr. 18, 2007 ----------------------- - add ASN.1 decode for AGENT-CAPABILITIES macro. - add font control to ASN.1 window. - change copyright, splash and corporate info. ver 3.1.1 Jan.18 2007 ----------------------- - correct problem with MIBrowser.ini file truncation when loading a MIB from MIBrowser.ini that is already loaded. - change behavior such that when SNMP Traffic Monitor is running as a service, when the user exits, it executes a service shutdown instead of exiting. - related to above, when running as service, the 'Exit' option in the system tray menu has been changed ' to a 'Stop' option. - A new option has been added to the analyzer component, on the 'Capture Control' tab, that provides for specifying whether the default capture should be backed up or just overwritten. - Prevent pop up message of "No SNMP Agent select!" message. ver 3.1.0 Dec.14 2006 ----------------------- - add font management. - add command line processing to load display and capture filters - correct capture duration problem when duration is later disabled. ver 3.0.1 Sept. 2006 ----------------------- - remove last dependency on v2 management control - add font management. - add commandline processing to load display and capture filters ver 3.0.0 Aug. 8, 2006 ----------------------- - add support for AES128 CFB privacy. Note: this requires the availability of libeay32.dll installed on the system. - correct registry error that occurs when running with limited privileges. - correct problem with negating srcOrDestAddress capture filter. - integrate with new v3 control. ver 2.0.7 Mar. 27, 2006 ----------------------- - rebuild and re release. ver. 2.0.6 Jan. 24, 2006 ------------------------ - correct problem parsing OIDs that didn't contain multiple byte sub OIDs. - change data collection algorithm so that determination that packet is non SNMP is performed sooner, enabling making a quicker save/no save decision. Also non SNMP packets are no longer saved, making parsing of WinPCap files, saved via other applications (E.g. Ethereal) quicker (for loading/filtering etc) and so that the VSTM requires less memory. ver. 2.0.5 Jan. 24, 2006 ------------------------ - enabled loading a capture filter as a display filter. - enabled loading a display filter as a capture filter (with the obvious limitations) - make capture initiation more fault tolerant regarding setting capture files. - make loading captured data more fault tolerant to file problems. - correct problem when loading display filters and filtering is enabled, the current display set was not evaluated. - correct several problems with the capture filter expression evaluator when specific combinations of elements in the sub expression occurred. ver. 2.0.4 Jan. 18, 2006 ------------------------ - change linkage to WinPCap to be runtime bound so that MIBrowser can continue to run even if user elects to not install WinPCap, although in this configuration, the Analyzer features are disabled. - correct non permanent resource leak that occurred when saving/updating configuration information in the registry. - correct a problem with setting some compound capture filters. - correct problem that could lead to "Capture" button being disabled. - correct problem with display filter evaluation with filters using the 'AND' feature. - correct problem saving display filters that contain empty T1 or T2. - correct problem with display directory management. ver. 2.0.2 Dec. 15, 2005 ----------------------- - add environment variable "NDT_VTM_CAPTUREPATH" which contains the current capture directory. ver. 2.0.1 Dec. 6, 2005 ----------------------- - correct so that no memory is used to store captured data when the data is being captured only to a file. - add a new option in the "Capture Control" tab called "Current Default Capture File Name". This is used by VT Monitor as the capture file name instead of querying the user for one if the field contains data (i.e. a filename). Otherwise, if the field is empty then the user is asked to provide a file name. - correct a run time error that occurred when loading large MIBs that have errors in line numbers greater than 32K. - improve load times of large MIBs. - integrate with new version of MIB compiler - improve start time on NT/2000/XP/2003. ver. 2.0.0 Nov 17, 2005 ----------------------- - Release version 2 - change raw data presentation so that the entire element selected in the decode window is identified. - add "Tools" menu item for installing and removing MIBrowser as a service. ver 1.0.21 Nov. 1, 2005 ------------------------- - Release Candidate 1 - changed time input qualification. Time durations can be up to 99:59:59, normal time of day is limitted to 23:59:59 - changed time picker to permit "wrapping". - When time is "aborted" via the close button, post processing is abandoned (i.e. does a cancel) , meaning it issues no complaints about the time when the time picker was abandoned. - change so that when the calendar is "aborted" via the close button, post processing is abandoned (i.e. does a cancel). Also when the calendar is abandoned, the time picker is not subsequently shown. - change so that double clicking calendar selects the day and closes the window. - correct issue with T1 and T2 (and OID) causing other fields to be reset to the previous "saved" value. - change so that packet numbers are maintained whether display filtered or not. - change so that the input focus on the currently selected packet list item as well as the same decoded packet is maintained between display filtered and non display filtered presentation. If a packet is selected in a non display filtered presentation and the packet is not in the filtered presentation, then the input focus is placed on the next displayed packet (if any). - change "Update" button name "Apply". - correct T1 & T2 behavior so that entering a carriage return while the input focus is on either, will cause the "time picker' to be displayed. - correct tab stop order in the SNMP Analyzer Option dialog. - Correct UI "lock up" that occurred when starting About box, which Analizer dialog is up. - remove ellipsis from frame decode tree - change "Reset" behavior on Capture Filtering tab. - change "Reset"and correct "Apply" behavior on Display Filtering tab. - add number of files used in a multiple file capture specification to non volatile storage. - add the individual file limit to non volatile storage. - add Alarm Log capability for noting the capture events. This is controlled a new checkbox "Log Capture Events" on the "Tools ...| Options ... | Logging" tab. - add closing of SNMP Analyzer Option dialog with escape key press. - correct update process for total file usage limit when - correct possible problem that capture end date & time could be missed. - correct problem with the new splitter management where when the raw data pane is removed and restore after the splitter bar for it had been moved, the pane was outside the visible area. - improve numeric qualification. - correct a runtime problem associated with right clicking on a V1 Trap in the Components tab. - change to prevent user from configuring the analyzer while it is running and vice versa - change to modal tooltips for the analyzer start button. ver 1.0.12 Oct. 24, 2005 ----------------------- - beta 3 release - order tab stop indexes for SNMP Analyzer Options input fields. - correct so that a change to Capture "Source Port" changes state in Insert/AddModify buttons. - correct implementation of "Negate entire sub expression" logic. Previously, it could be applied twice. - correct problem dragging and dropping OID to display filter. Reverted to previous saved value when input focus reverted back to dialog. - implement input data qualification for all times, filter contraint & IP addresses and ports in the SNMP Analyzer dialog. - change T1 & T2 so that input is only done via time picker dialog. Also added "Clear" buttons for each. - change behavior of editing T1 & T2 so that the time picker is initialized from the existing time setting, not the current time. If field is currently blank, then timepicker is initialized with the current time. - correct behaviour of negate check box for capture source port. - add implementation for capture "Src. Or Dest. Port" filter aquisition. - add implementation for display "Src. Or Dest. Port" filter aquisition. - improve update presentation of display filtered information. - change control used for presenting calendar to generally redistributable MS control. - change display splitter management so that if user changes the default window split(s), then automatic resizing is disabled. - add missing decode of V1 Trap Message Header information - correct problem in detecting PDU type associated with display filtering. - correct crash that occurred in all "Output" when the window was maximized. - change "Tools | SNMP Analyzer Options..." to "Tools | Configure SNMP Analyzer..." - change "child" window icons. ver 1.0.10 Oct. 18, 2005 ----------------------- - beta 2 release - refine IP address qualification - refine display filter time input qualification - correct check for unsaved data ( if "Options | Miscellaneous| Ask about saving content on close" is checked ) when stopping application for display filter. ver 1.0.9 Oct. 17, 2005 ----------------------- - correct Capture "SaveAs" button enable state so that it becomes disabled on delete of last capture entry - correct so that user isn't queried about saving capture filter information when exiting and all capture filter info was previously deleted. - correct so that user isn't queried about saving display filter information when exiting and all display filter info was previously deleted. - correct problem with both capture and display filters that lead to sub expression values that were previously deleted were not actually deleted. - change so that when a capture or display filter is "Update"d and no sub expression values remain, the user is queried to delete the sub expression or not. If the user responds yes, then the sub expression is deleted, otherwise the sub expression is restored to it's previous state (prior to the current edit that caused the last sub expression value to be deleted) - correct so that a "Source Address" Display filter was deleted the associated negate check box was disabled. - change "Insert" and "Add" tooltip text (Capture and Display Filters) to be more readable. - improve tab order for display and capture filter edit boxes. ver 1.0.8 Oct. 14, 2005 ----------------------- - encryption and authentication services taken from host Windows facilities. OpenSsl is no longer used. - altered copyright notice in About box. - change toolbar to add Load MIB and Expand, Collapse & Search "cluster". - correct problem saving captured data from a "Display Only" capture. - correct problem presenting counter 64 information that has a zero (0) value. - updated help. - cleared runtime error associated with using filter "Reset" button. - correct typographical error in balloon help for "Insert" button on "Capture Filtering" tab. - Add balloon help for "Insert", "Add" & "Delete" button on "Display Filtering" tab. - correct problem using a single time specifications with display filters. - add drag and drop from "Frames" list view entries to T1 & T2 in "Display Filtering" - change name of sub expression update button from "Save" to "Update" in "Display Filtering" - change name of filter save button from "Save" to "Save As" in "Display Filtering" - change name of sub expression update button from "Save" to "Update" in "Capture Filtering" - change name of filter save button from "Save" to "Save As" in "Capture Filtering" - correct initial state of MIB Tree icon in toolbar. - change the layout of the Analyser and ASN.1 windows to be tile horizontally by default. - correct a couple of SNMP Analyzer Options dialog "always on top" issues. - instrument audible alarm ( if "Options | Logging | Audible Alarm" is checked ) for first packet captured and capture terminated due to condition. - instrument check for unsaved data ( if "Options | Miscellaneous| Ask about saving content on close" is checked ) when stopping application for packets not saved, display filter not saved & capture filter not saved. ver 1.0.4 Sept 9, 2005 ---------------------- - beta 1 release - implemented all features reported not implemented with alpha release, with the exception that time based and OID based display filtering are still not implemented. ver 0.9 July 19, 2005 --------------------- - alpha pre-release. - features not implemented yet: - UI base capture filters - UI based presentation filters. - maximum file size termination of capture. - multiple file saving of data. ver 1.0.5 Sept 24, 2005 - beta - all features implemented.