Peter,
You are correct that rapid, repeated replays of even benign packets can wreak havoc, saturating the network, overloading routers, switches, and end-user nodes. This particular packet replay app allows you to set the replay to a single playback or repeat it for a set number of cycles, and you can set the desired time delay between replays to avoid problems.

Still, if you aren't certain the packets you have captured are safe, it is best to run the replay in a test network that is isolated from your production environment whenever possible.

Luckystiff, thanks for the explanation. but who has time to build test network and the same packets behave differently in different network. One extra router or switch can block some pockets thinking they are in error. I have ran similar software in the past and one or two re-plays can not test the network in depth. Re-laying unknown packets are dangerous in any network.

Maria,
Peter didn't specify what packets he had captured, or why he replayed them. I wasn't sure if he was trying to isolate a problem caused by packets he had captured, or if he was using packets he knew were safe, but the replay loop function caused trouble, or what else might have been going on, so I could only respond with generalities.
And my response to Peter seems to agrees with your post: DO NOT replay a captured packet stream unless you know how to do it safely. Which to me means that you either know the stream's contents, or you are testing the potentially harmful stream in a separate (test) network or network simulation.

As for the test network, yes - setting up and maintaining a separate test network takes time, and many IT managers don't realize the value gained by spending that time. I know I was lucky to have an IT director that understood that recovering from a catastrophic network failure due to lack of testing would take far longer, and cost way more than the time and expense of the test network, so he made a separate test environment a priority. We also tested our standard system images in that test environment to check for all kinds of integration problems before we pushed out updates.

TK, Colasoft offers a fairly comprehensive line of network analysis and monitoring suites as well as stand-alone tools like this one, which is actually intended to add to the usefulness of some of their other tools.

Like other networking tools, it can be used for any number of legitimate uses, including education & training, network traffic analysis, home network monitoring, etc.

Luckystiff, But this giveaway does NOT offer any of those features! NO network monitoring facilities are included with the giveaway product, NO network traffic analysis either. All it does is replay a previously captured network session at a target, singurly or repeatedly... Only use I can see for this is to try and resource deplete/crash a server by repea\tedly sending previously captured requests either from the same IP as the original request or from a different IP to use the server to reflect the replies to the original IP to DOS attack it... Nothing legitiamate at all. And certainly no legit personal use for THIS software given away today!

TK, you said:
"this giveaway does NOT offer any of those features! NO network monitoring facilities are included"...
- True, this particular app is not an all-in-one traffic analysis tool. It is designed to work alongside Colasoft's Capsa packet sniffer, and similar tools from many other developers, to enable various network data analysis functions.

You also said: "Only use I can see for this is to try and resource deplete/crash a server"...
- I can provide a few more potential legit uses here:
You mentioned using the tool for a denial-of-service type of attack. One important thing I have learned about system & network security is that if you can imagine a threat scenario (like the one you just described), it's a good idea to test your network's response to that threat. Luckily, this tool will allow you to do exactly that. Test your set-up to figure out what can still get through.

Another use involves replaying packet captures to test whether routers & switches properly prioritize data packets that contain streamed media files, game data, or whatever data types you prioritize to reduce "buffering" wait-time, stuttering, in-game lag, etc.

So IMHO, the list of possible uses for this kind of tool is only limited by the user's experience, imagination, and ability to properly design test scenarios.

Luckystiff, and exactly how is any of that of use to the target giveawayoftheday demographic? Not many giveawayoftheday users will OWN a dedicated server that is internet facing that would warrant such testing, it would be illegal to perform such testing on a shared server that is owned by someone else without their permission... if you start replaying packets to a game server to test YOUR router, switches or wifi you will likely find your IP banned for hacking attempts at best or at worst be at risk of prosicution under anti-hacking legislation. Packets generally have unique signatures that are used to reassemble split packets, re-use of the same signatures could trigger anti-intrusion attempts warnings and start legal procedings against you!

If you want to check your home network for external visibility and intrusion resistance then try something legit like ShieldsUP from GRC.COM and don't risk ISP terms abuse by sending non-standards compliant network traffic over third party and other public networks!

TK, Sorry this is so long, but I'm trying to understand the basis for your reasoning here.
Unless I have misread or misunderstood your posts, you seem to be saying this tool should not be offered on GAOTD, because:
1. It is not aimed at GAOTD's target demographic - the average home user,
and
2. It could be deliberately mis-used, or its use by non-experts could cause problems, even if
unintentionally.

Since some of your responses to my posts indicate that you misunderstand what I intended to say, I offer the following for the sake of clarity:

On your first point: You are at least half-correct. This tool isn't intended for the average home user. As part of a network data and traffic analysis suite, its functions put it clearly in the "super-user" to System/Network admin role. However, I'm not certain that GAOTD specifically limits their offers to 'Home Use" apps? If that were true, why would we be having this discussion?

For the record, I did not say that this app is aimed at the average-Joe home user - I said that it is part of a set of tools designed for network data and traffic analysis - not exactly the average person's idea of a good time, and, probably outside the knowledge, skills set, or interest of most.
What I DID say is that regardless of the developer's intent there ARE legitimate, non-malicious, uses that are relevant to a home environment. And the definition of the "Home environment" is expanding rapidly to include a mind-boggling number of consumer/personal use servers with internet-facing exposure. such as:
- Home security systems that provide remote monitoring of video feeds. Hell, there's even a DOORBELL that does that now! (What's next, an internet-connected "Toilet Seat UP" sensor? LOL)
- Data storage server devices with "Personal Cloud" servers
- Hamachi-type personal VPn apps, etc.
- The tidal-wave IOT devices is not far behind.
- And every install of Windows since UPNP arrived has enabled that server by default!

It would be ridiculous to equate my home network's external threat profile with that of an Amazon server farm. The differences are many, and their security requirements differ in the extreme. But to down-play the number of home networks that have internet-facing servers, or to imply that those servers don't need protecting seems a bit strange to me. Yes, Gibson's Shields-up is an excellent resource. My PC has a perfect stealth score.
But not all traffic problems occur on the WAN side of NAT, and not all threats occur there either. People like you and I who apparently know about networking and security are likely to be asked a lot more often in the future about a lot more types of personal servers.

I plan to use this in my home network to test QOS settings tweaks on my home router. I have 4 adults living here, with smart tvs, several PCs, various tablets, and of course smart phones. Even with 75MBps service, and Gig-e over CAT5e & CAT6 cabling, when everyone hits the router all at once, it can throw a hissy and make my wife's Netflix lag.
So, to eliminate my router config as part of the problem, I'll baseline the performance of streaming video from the media server *ON MY PC* to the TV for starters, and capture those packets. Then I can tweak router settings, replay the same capture session I used for the baseline test, and monitor whether the tweak did what I wanted it to. Simple as that.
No Internet server-crashing, Lawyer-involvement, Fire, Flood, Famine, weeping, wailing, gnashing of teeth, cats and dogs, living together in sin, satellites falling from the sky, etc.

To answer your second point, Yes, this tool could be misused - just like any other tool, from any field of endeavor or recreation, whether in the digital world or real life. I think that the arcane nature of the tool makes it almost unusable for anyone lacking in networking skills. You said yourself that this app doesn't offer capture/ analysis tools, so anyone who can actually use it already knows enough to capture a network session and filter out the desired packets to replay them. Anyone intent on perpetrating a DOS attack unfortunately has *much* easier ways to go about it - methods that any script-kiddie worth his download of Lopht-crack already has.
So all-in-all, I doubt GAOTD offering this today has made the internet as a whole is less safe in any measurable way.

Again, sorry its so long, and Have a good day!

Luckystiff, regardless of what servers you run over a domestic fibre or cable connection it will never be safe from internet side DDOS attacks as you simply don't have the bandwidth to absorb a concerted attack that often disables moderate server farms multi-gigabit connectivity even with 100% secure and hardened servers behind the fibre connection.

This product is not well suited to the testing that you propose as it simply replays packets sniffed in a previous session, it does not generate legitimate custom packets designed to test specific behaviors.

Not sure why Windows UPNP is even mentioned as if enabled the interface should only ever be accessible on the private LAN side of any NAT router. If someone is brave enough to place a windows machine directly onto the internet with a public IP directly assigned to it then I hope it would at least be configured as a public network interface which would disable UPNP and a bunch of other servers from being seen and SSDP discovery being disabled. But none of that requires this tool to configure or test...

I remain unconvinced that you will get any serious mileage out of this tool auditing your personal LAN internally or externally. You might be able to detect firmware flaws in the handling of malformed packets (that means crash a router or switch or TCP/IP stack or two) but those types of errant packets will normally not make it past a NAT's SPI firewall with intrusion protection enabled.

I think the comparison in the numbers of those familar with the purpose and those unfamiliar what does this do? type comments demonstrates how far off the mark this class of "tool" is for GAOTD.

Plus the simple fact that the free version 2.0 seems to do everything the pro 1.3.1 does and is always free except maybe when used in the commercial environment but even the need for the $395 licensed is not enforced really makes the giveaway of pro 1.3.1 kind of redundant for anyone that really can use this contructively anyway IMHO.

TK,
I bet you are as busy as I am, so I appreciate your responses they have been respectful and thoughtful. And while I enjoy intelligent discussion, in all honesty I think we have gone 'round the tree a few times here.

Your initial post and early responses to me made 2 main points:
1. This app is not made for the average home user, and therefore GAOTD shouldn't offer it.
2. Since this tool can only re-play a packet capture, there is no legitimate, non-malicious use for such a tool.

To sum things up, I think we actually agree more than we disagree, in that we seem to agree on the important parts, and what we disagree about is relatively minor.

We agree on the major point that this app is NOT made for (or useful to), the average home user.
We seem to disagree on whether GAOTD should have offered this (a relatively minor point IMHO).
You correctly point out that the app doesn't appeal to the target demographic, and you see the potential for mis-use.
I agree this is not a typical offering for this site, and it is only interesting to a very narrow range of people. But I maintain that GAOTD is free to offer whatever apps they choose.
As for the mis-use issue, I believe that anyone who has sufficient skills to perform the prerequisite steps that would allow them to use this tool for malicious purposes almost certainly has the ability to use other tools in their arsenal to to the same damage or worse.
Further, I'd be willing to bet that either of us could find potential malicious uses for lots of the software offered here, and their absence from GAOTD wouldn't stop someone who is determined to cause trouble, and looking for an app to cause it with.

Then we branched out in several directions, covering lots of ground, leading us to the post I'm responding to now. I'll respond to the points you make in order.

I agree that home networks won't survive determined attacks - they simply aren't designed with that in mind.
I don't have any statistics, but I think the incidence of 'determined' attacks against Joe average user is fairly rare? Most ISPs are getting better about detecting and blocking the majority of simple attacks. And unlike the hardened data centers that businesses need to keep online, Joe average user can always just "pull the plug" and get a new IP when he reconnects to the ISP's network. That doesn't thwart every attempt, or solve the root problem, but it helps.

As for Packet Replay not being useful for the testing I proposed, I listed "education & training network traffic analysis, home network monitoring, etc." in the context of uses for the suite of tools Colasoft provides for free.
My intent was simply to show legitimate uses for this tool (and others like it) in response to your statement that there are no legitimate, non-malicious uses for the tool.
And if I found the need to define specific packet properties, I could use Colasoft's Packet Builder, which is part of that set of tools, which brings me back to my earlier responses to your initial comments about this offering having no legitimate use: This tool has *NO* use, legitimate or otherwise, on its own. It requires the output of, other apps to do anything at all.

I mentioned Windows UPNP in the context of our "Home Servers" conversation, mainly Because its so damned prolific, insidious, and it is (according to Steve Gibson, Kaspersky Labs, and others) a "server" which combined with a router's UPNP service, allows code on a LAN-side system to "Invite" internet-facing code to absolutely wreck firewall settings and invite themselves in for a party. I'm sure you are aware that most consumer routers have UPNP enabled by default, so coupled with a default Windows install, "UPNP enabled" = MASSIVE potential for internet exposure of LAN-side interfaces.
See: https://business.kaspersky.com/filet-o-firewall/4533/

While I honestly do appreciate your opinion (seriously.. no snark here) about my mileage using this to audit my network , that's not my plan. While it seems possible to test other aspects of network performance with this, I only plan to verify the effects of simple traffic shaping settings on my router.
I hope I'll be able to capture as many LAN-Side only streams as I need with Wireshark or Capsa, and replay them (hopefully simultaneously) looped with this tool for as long as I need, varying the cycle intervals to closely approximate actual simultaneous, multi-user, streaming HD video traffic. As for not getting much mileage out of that exercise, you may end up being right, but I hope you aren't.

You are correct: The majority of comments here do seem to be of the "What does this do?" variety, which isn't surprising. Whether that's off-the mark is a determination I'll leave to GAOTD.

And finally, I agree fully with your last paragraph. I have found no significant difference in capabilities between the Newer Free v2.x and the older "Commercial" v1.3 that is offered here today. The only benefit to Colasoft that I can think of is the opportunity to advertise Colasoft's products to GAOTD visitors who may not have heard of them.

Thanks again for the back-and-forth. Some of your points made me think a few things through, and that helped me solidify my plan.

Have a good week!

Therese, This particular tool doesn't capture data, it plays back packet files that were previously captured by Capsa, Wireshark, or several other packet capture utilities, so you can analyze network activity related to those packets.

michael00000001,
I am curious about this myself, but I can't seem to find any reference to "Packet Player Pro"on Colasoft's site? Their site does offer a free version of Packet Player - v2.0 - which is around 12.8MB in size, dated June 2016, compared to today's 19.7MB v1.3.1 "Commercial" version, whose installed .exe is dated Oct, 2014.

- I forgot to mention that on Colasoft's site, the free Packet Player v2.0 info page links to the v1.3.1 help file, so I assume the two versions are very similar

michael00000001, the free version is 2.0.0.212 the paid is 1.3.1 both seem to offer the same features, the 2.0.0.212 version has no place to insert a serial number. One difference I did notice is that Version 2.0.0.212 failed to see any network interfaces unless it was executed with elevated rights i.e. run as Administrator while 1.3.1 given away here sees the network interfaces when run without elevation of rights.

TK, I haven't installed the free version, so thanks for the info on the differences. Good catch on the 'elevated rights' requirement. Since the free v2.x page still points to the older v1.3.1 help file, I doubt that's covered there.

Luckystiff, you can find reference to "Packet Player Pro" here:

http://www.colasoft.com/purchase/tools.php

TK, Thanks. I did see that particular link, so I guess I should have said I didn't find any reference to what features/functions the Pro version provides. I even tried searching their support forum for that info, but couldn't do a simple search without the hassle of registering, etc.