DrNAMa/NetworkTrafficCSharpForm


This is an open source project made using Visual Studio with C#. Secure yourself free of charge, and free of malware, adware, bloatware and any other warez that make downloading tools dreadful.
This tool makes heavy use of ChatGPT.
This tool uses the SharpPcap and PacketDotNet libraries.

**Contributors Welcome**

What does it do?

It captures each incoming packet on the monitored network

Sends the foreign IP information off for analysis (currently using Whois.com)

Stores Connection History in a database

Provides a view for the database

How to Set it Up? (assuming we're using Visual Studio)

When running the program, run it or Visual Studio as administrator.

Right-click on NetworkTrafficCSharpForm >> Add >> New Item >> Service-based Database >> Name the database IPLogs.mdf

Create a new table under this database and name it IPLog.

Select Id and, under its properties, expand Identity Specification and make sure it is set to True, with the seed and increment both set to 1.
Insert columns with these headers and attributes.

| Name | Data Type | Allow Nulls |
|---|---|---|
| Id | int | False |
| Program | nvarchar(50) | True |
| Pid | int | True |
| Organization | nvarchar(MAX) | True |
| OrgName | nvarchar(MAX) | True |
| OrgId | nvarchar(50) | True |
| Address | nvarchar(MAX) | True |
| City | nvarchar(MAX) | True |
| StateProv | nvarchar(50) | True |
| PostalCode | nvarchar(50) | True |
| Country | nvarchar(50) | True |
| SourceIP | nvarchar(50) | True |
| DestIP | nvarchar(50) | True |
| Protocol | nvarchar(50) | True |
| PacketSize | int | True |
| PacketColor | nvarchar(50) | True |
| HasPayloadPacket | nvarchar(50) | True |
| HasPayloadData | nvarchar(50) | True |
| IsPayloadInitialized | nvarchar(50) | True |
| HeaderLength | int | True |
| HeaderData | nvarchar(MAX) | True |
| HopLimit | int | True |
| PayloadDataLength | int | True |
| PayloadPacket | nvarchar(MAX) | True |
| TimeToLive | int | True |
| TotalLength | int | True |
| TotalPacketLength | int | True |
| Version | nvarchar(50) | True |


Or use the script below

```sql
CREATE TABLE [dbo].[IPLog] (
    [Id]                   INT            IDENTITY (1, 1) NOT NULL,
    [Program]              NVARCHAR (50)  NULL,
    [Pid]                  INT            NULL,
    [Organization]         NVARCHAR (MAX) NULL,
    [OrgName]              NVARCHAR (MAX) NULL,
    [OrgId]                NVARCHAR (50)  NULL,
    [Address]              NVARCHAR (MAX) NULL,
    [City]                 NVARCHAR (MAX) NULL,
    [StateProv]            NVARCHAR (50)  NULL,
    [PostalCode]           NVARCHAR (50)  NULL,
    [Country]              NVARCHAR (50)  NULL,
    [SourceIP]             NVARCHAR (50)  NULL,
    [DestIP]               NVARCHAR (50)  NULL,
    [Protocol]             NVARCHAR (50)  NULL,
    [PacketSize]           INT            NULL,
    [PacketColor]          NVARCHAR (50)  NULL,
    [HasPayloadPacket]     NVARCHAR (50)  NULL,
    [HasPayloadData]       NVARCHAR (50)  NULL,
    [IsPayloadInitialized] NVARCHAR (50)  NULL,
    [HeaderLength]         INT            NULL,
    [HeaderData]           NVARCHAR (MAX) NULL,
    [HopLimit]             INT            NULL,
    [PayloadDataLength]    INT            NULL,
    [PayloadPacket]        NVARCHAR (MAX) NULL,
    [TimeToLive]           INT            NULL,
    [TotalLength]          INT            NULL,
    [TotalPacketLength]    INT            NULL,
    [Version]              NVARCHAR (50)  NULL,
    PRIMARY KEY CLUSTERED ([Id] ASC)
);
```


From there, enter the part of your network you want to monitor, with the dot at the end, e.g.
192.168.1. or 192.168.
Select your capture (network) device.
Hit the Start Capture button.
Hit the View Packet button.
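
Why the trailing dot in the network prefix matters, shown as an added example that is not code from this project. It assumes the tool compares addresses by plain string prefix, which the instruction above suggests but the page does not confirm; `LocalNetFilter`, `PrefixMatch` and `InSubnet` are hypothetical names, and the sample addresses are constructed.

```csharp
using System;
using System.Net;
using System.Net.Sockets;

// Hypothetical helper, not part of NetworkTrafficCSharpForm.
static class LocalNetFilter
{
    // Assumed behaviour: the text typed into the tool is used as a string prefix.
    public static bool PrefixMatch(string ip, string prefix) =>
        ip.StartsWith(prefix, StringComparison.Ordinal);

    // Stricter alternative: compare the leading prefixBits bits of two IPv4 addresses.
    public static bool InSubnet(string ip, string network, int prefixBits)
    {
        if (prefixBits < 0 || prefixBits > 32) return false;
        if (!IPAddress.TryParse(ip, out IPAddress addr) ||
            !IPAddress.TryParse(network, out IPAddress net)) return false;
        if (addr.AddressFamily != AddressFamily.InterNetwork ||
            net.AddressFamily != AddressFamily.InterNetwork) return false; // IPv4 only

        // A shift by 32 is a no-op in C#, so /0 needs its own mask.
        uint mask = prefixBits == 0 ? 0u : uint.MaxValue << (32 - prefixBits);
        return (ToUInt32(addr) & mask) == (ToUInt32(net) & mask);
    }

    // Network byte order -> host integer, independent of machine endianness.
    static uint ToUInt32(IPAddress ip)
    {
        byte[] b = ip.GetAddressBytes();
        return ((uint)b[0] << 24) | ((uint)b[1] << 16) | ((uint)b[2] << 8) | b[3];
    }

    static void Main()
    {
        // Constructed sample addresses.
        string[] samples = { "192.168.1.20", "192.168.10.7", "192.168.100.9", "8.8.8.8" };
        foreach (string ip in samples)
        {
            Console.WriteLine($"{ip,-14} noDot={PrefixMatch(ip, "192.168.1")} " +
                              $"dot={PrefixMatch(ip, "192.168.1.")} " +
                              $"cidr24={InSubnet(ip, "192.168.1.0", 24)}");
        }
    }
}
```

Without the dot, the prefix `192.168.1` also matches 192.168.10.7 and 192.168.100.9, so under this assumption addresses from other subnets would be treated as part of the monitored network.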



Things that I'll probably continue to work on...

Upgrading the GUI
Get the DataGridView to update automatically
Decoding/encoding packet data.
Add a way to delete database rows (for now I'm just relying on Visual Basic to empty out the database)
Figure out which data can be refreshed and if and when it is appropriate to update an entry

Quirks:

At the moment, you have to press the View Packet Button again to update the data view.

The Capture Ethernet Packets Button is there for library capability testing.

Can't directly delete stored items

Due to Pid 0 being used by 'System Idle', Pid 99999 is used to indicate an unidentified/unknown program.

Future Possibilities:

I'd like to be able to get better location data, as the whois this is connected to gets caught up with bot checks. Any suggestions?

It'd be great to see live graphs on the incoming data statistics.
