A network trace utility may be used to capture network packets of data and display the contents of the packets. This information may then be used to troubleshoot network problems, such as network connectivity problems, or the like. Network trace utilities are also known as protocol analyzers, network analyzer, or packet sniffers. Existing protocol analyzers include, inter alia, Wireshark, Ethereal, tcpdump, and Netmon protocol analyzers.
However, at present, no known protocol analyzer in the background art is capable of decrypting data passed between Windows® operating system based systems in an encrypted Windows® operating system domain RPC (remote procedure call) session, despite attempts to do. Therefore, users of known existing network analyzers cannot view such RPC data. It might be possible for an existing network analyzer to decrypt packet data if the corresponding session key is provided in a keytab file, but this would require the user to manually obtain and derive the keys, which is very difficult.