Short names:
    - L2Neighbors           1 ghit
    - Layer2Monitor         0 ghits
    - L2Mon                 247 ghits
    - Link-Layer Monitor    68 ghits


It should monitor all NICs on a local machine, and give some idea of what MAC addresses are seen on
each, and how much traffic is coming from them.*



The philosophy is to be a little more limited in scope than more far-reaching proposals...  by only
focusing on the neighbors that are on the same broadcast domain, it gives the user quite a bit of
information about what might be wrong with THAT ONE COMPUTER's connections, and it's quicker to
implement, but doesn't necessarily go further to be able to constantly monitor the DHCP server, DNS
server, web servers, etc.  (more simply: it can't diagnose problems that affect more than one computer)

At the same time, it's a relatively minimal compact GUI.  More importantly, it needs essentially
zero setup to be able to use.  (which may not be useful in 90% of cases, but for the few people who
manage a number of computers, each with frequently-changing network connections, it can be very useful)



    * NOT going to them...  our link could be totally dead, and we'd still see lots of traffic being
      sent out


============[ GUI ]=================================================================================

There should be a summary view that just shows the IP of each active NIC, with its background color
changing based on how much traffic is incoming from that link.

    eg:

        + 192.168.16.101
        + 172.31.1.4
    
    (note: inactive NICs won't be displayed, since many machines tend to have one or two permanently
    inactive NICs, and we're focusing on a compact UI)


If you click on one of them, it should open up, and list all MAC addresses it's recently seen
    (again, with the background color of each indicating how much traffic is going over it)


        - 192.168.16.101
            00-01-b4-fb-04-c4
            00-10-60-03-85-91
        + 172.31.1.4


If you click on a MAC address, it should allow you to type in a text description of that remote
computer, as well as choosing an icon for that remote computer (primarily wired vs. wireless, or
possibly tower vs rackmount vs laptop).

    (ARP database would be stored in a local flatfile probably)




============[ Implementation details ]==============================================================

    - primarily coded in C-sharp, since that's a whole lot more flexible and faster than AHK, and
      nothing else I know actually does GUIs.

    - to get the per-MAC traffic statistics, we'll have to talk to WinPcap.  There's no official
      C-sharp interface, but there are unofficial ones:
            http://paperlined.org/programming_languages/csharp/winpcap.html

    - use a listview
        - but would need to do custom-drawing, in order to change the background color of each cell
                http://bytes.com/forum/thread348753.html
                http://msdn.microsoft.com/en-us/library/bb761817.aspx


============[ See also ]============================================================================

- note that one slightly simpler alternative is the Task Manager's "Networking" tab, especially if
  you turn on "unicasts received per interval".

        http://www.codinghorror.com/blog/archives/000393.html