Sparkling gems and new releases from the world of Free and Open Source Software

GOSNIFF

Keeping with the theme of command-line tools that improve the user experience of more established and arcane equivalents, GOSNIFF is a rather poorly named tool inspired by the truly difficult-to-use tcpdump. To analyze a network with tcpdump, you need to know what you want to accomplish and how. For nonexperts, this isn't ideal. You need to know which network device to use and perhaps the port you want to monitor, for instance. GOSNIFF's menu-driven interface is a lot easier to use and discover. When first launched, for example, you're presented with the various devices and buses on your system that it thinks it can monitor, usually with the network device already selected. If you don't know which interface to choose, a virtual or pseudo device can be selected that attempts to monitor everything, but this could potentially include raw USB and D-Bus traffic.

You next need to define a filter, and this can be complex even in GOSNIFF. There's an optional field pre-filled with a suggested filter, tcp and port 80, for unencrypted web pages, but this can easily be modified for other ports and protocols. With the configuration out of the way, you select Start to initiate the monitoring process. Now, whenever a network packet is detected that meets your filtering and device criteria, it's displayed on the right, much like with Wireshark. This is no coincidence considering the filter section accepts exactly the same Berkeley Packet Filter (BPF) syntax, but there's no further option to dive deeper into the packets. The only packet details you can see are the sizes for each network layer and the protocols being used. This makes GOSNIFF more useful as a more advanced version of ping, a tool to see whether packets are transferred at all for a specific filter and protocol without needing to remember the specific tcpdump arguments.
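To make that per-packet view concrete, here is an added Go example, not GOSNIFF's own code: it hand-evaluates the equivalent of the suggested "tcp and port 80" filter for Ethernet II/IPv4 frames instead of compiling BPF, and returns the size of each layer. LayerSizes, Summarize and SampleFrame are names made up for this sketch, and the sample frame is constructed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// LayerSizes holds per-layer byte counts for one Ethernet II / IPv4 / TCP frame.
type LayerSizes struct {
	Ethernet, IPv4, TCP, Payload int
	SrcPort, DstPort             uint16
}

// Summarize reports layer sizes and whether "tcp and port <port>" would match (IPv4 only).
func Summarize(frame []byte, port uint16) (s LayerSizes, match bool, err error) {
	if len(frame) < 14+20 {
		return s, false, errors.New("frame too short for Ethernet + IPv4")
	}
	if binary.BigEndian.Uint16(frame[12:14]) != 0x0800 { // EtherType is not IPv4
		return s, false, nil
	}
	ip := frame[14:]
	ihl := int(ip[0]&0x0f) * 4 // IPv4 header length in bytes
	total := int(binary.BigEndian.Uint16(ip[2:4]))
	if ip[0]>>4 != 4 || ihl < 20 || total < ihl || total > len(ip) {
		return s, false, errors.New("malformed IPv4 header")
	}
	if ip[9] != 6 || binary.BigEndian.Uint16(ip[6:8])&0x1fff != 0 { // not TCP, or a later fragment
		return s, false, nil
	}
	tcp := ip[ihl:total]
	if len(tcp) < 20 || int(tcp[12]>>4)*4 < 20 || int(tcp[12]>>4)*4 > len(tcp) {
		return s, false, errors.New("malformed TCP header")
	}
	off := int(tcp[12]>>4) * 4 // TCP data offset in bytes
	s = LayerSizes{14, ihl, off, len(tcp) - off, binary.BigEndian.Uint16(tcp), binary.BigEndian.Uint16(tcp[2:])}
	return s, s.SrcPort == port || s.DstPort == port, nil
}

// SampleFrame is constructed for this example (checksums zeroed): 192.0.2.1:49152 -> 192.0.2.2:80.
var SampleFrame = []byte{
	0x02, 0, 0, 0, 0, 0x02, 0x02, 0, 0, 0, 0, 0x01, 0x08, 0x00, // Ethernet II
	0x45, 0, 0, 44, 0, 0, 0x40, 0, 64, 6, 0, 0, 192, 0, 2, 1, 192, 0, 2, 2, // IPv4
	0xc0, 0x00, 0, 80, 0, 0, 0, 1, 0, 0, 0, 0, 0x50, 0x18, 0xff, 0xff, 0, 0, 0, 0, 'G', 'E', 'T', ' ', // TCP + 4-byte payload
}

func main() {
	fmt.Println(Summarize(SampleFrame, 80))
}
```

The sizes come from the header length fields rather than the captured length, so trailing Ethernet padding is not counted as payload.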

Project Website

https://github.com/c-grimshaw/gosniff

It's not immediately obvious, but the name of GOSNIFF is inspired by the Go programming language it uses and the function it purports to serve.

Compression successor

bzip3

The process of choosing a file compression tool should be as prosaic and pragmatic as selecting the best tool for the job. But every computing platform seems to identify itself with one specific algorithm or implementation over every other, regardless of how they might compare to the alternatives. Microsoft Windows has been synonymous with WinZip and zip for decades, for example, and, for a long time, StuffIt Expander was perennial on macOS. The Amiga defaulted to using LHA and LZH (and still does!), and archive files on Linux are typically compressed with gzip after being rolled into a single file with tar, hence the universality of the tar.gz or tgz file extensions. Unlike the rest, however, Linux does have some other commonly used tools, and of these bzip2, or bz2, is perhaps the best known.

The first release of gzip was in 1992, and even bzip2 can trace its origins to 1996, over 25 years ago. This means there should be plenty of scope for a successor that can capitalize on modern CPU architectures and programming techniques. And that's exactly what bzip3 promises – an unofficial sequel to the ubiquitous bzip2. The main improvement is the compression ratio, with the new pretender generating 10 to 20 percent smaller files in similar compression times, albeit by using a lot more RAM. These performance gains are thanks to using a new algorithm with a modern compiler, but this modernity also means the tool itself is still relatively immature both in terms of its testing and the number of options it offers. Encode and decode work as expected, and with the same flags as the original, but there are far fewer options for customizing your compression. These options will no doubt come, but the project is still at an early stage of development, as the caveat on data integrity illustrates. As a result, this is a great project to watch but not necessarily for replacing bzip2. Yet.

Project Website

https://github.com/kspalaiologos/bzip3

The new bzip3 offers the same encode and decode syntax but is missing lots of the other options found in bzip2.
