Help & Documentation
Complete reference for ClumsyNetWatch v0.9.0 RC1
Overview
ClumsyNetWatch is a portable network reconnaissance console for Windows. It discovers every active host across one or more scan targets, inspects open ports and TLS, fingerprints operating systems, supports faster SSH and RDP workflows, and tracks changes between scans — all without any installation or external files.
The entire application ships as a single .exe. The IEEE MAC vendor database (7 MB) is embedded inside it, so vendor lookups work even on air-gapped machines. Labels, notes, and per-device credentials let you identify and reconnect to hosts faster, while security risk flags, the stats panel, and tray monitoring keep the network picture useful after the first scan.
Quick Start
- Download ClumsyNetWatch-v0.9.0-rc1.exe (~85 MB, self-contained — no runtime install needed) from the Downloads page. Note: public release is currently pending — check the downloads page for current availability.
- Run the file — no installation needed. If Windows SmartScreen appears, click More info → Run anyway (the exe is self-signed with a dev certificate).
- The scan target field will auto-populate with your local subnet, but you can also enter comma-separated subnets, ranges, or single IPs (e.g. 192.168.1.0/24, 192.168.2.0/24, 10.0.0.10).
- Choose a scan mode from the MODE dropdown — Quick is a good starting point.
- Click Start. Hosts appear in the Hosts panel as they are discovered.
- Click any host to see its open ports, MAC address, vendor, and hostname in the Details panel.
Requirements
| Item | Requirement |
|---|---|
| OS | Windows 10 or Windows 11 (x64) |
| Architecture | x64 only |
| Runtime | None — .NET 8 runtime is bundled inside the .exe (self-contained build, ~85 MB) |
| Installation | Not required — single portable .exe, run directly |
| Permissions | Standard user account is sufficient; ARP/ICMP may work better as Administrator on some networks |
| Network | Must be connected to the network you intend to scan |
| Internet | Not required — all lookups are offline |
| Disk space | ~85 MB (self-contained — .NET 8 runtime is bundled inside the exe) |
Toolbar
The toolbar runs along the top of the window and contains all scan controls.
| Control | Description |
|---|---|
| Scan Target | Enter one or more targets to scan. Supported formats include CIDR blocks, dash ranges, and single IPs. Separate multiple targets with commas — e.g. 192.168.1.0/24, 192.168.2.10-192.168.2.40, 10.0.0.15. |
| MODE | Dropdown that selects which ports to scan. Built-in options: Quick, Common, Full, Paranoid. Any custom profiles you have saved also appear here. |
| Start | Begins a new scan with the current targets and selected mode. Disabled while a scan is already running. |
| Stop | Cancels the active scan immediately. Already-discovered results are preserved. |
| Stats | Appears after a scan completes and opens the network statistics window with summary cards, vendor/device breakdowns, top ports, and a security overview. |
| Export ▾ | Opens a dropdown to export results as CSV, HTML report, or JSON. |
| Import | Load a previously exported JSON scan file back into the scan history. |
| Profiles | Opens the Manage Port Profiles dialog to create or delete custom port lists. |
| Theme toggle | Switches between Dark and Light themes. Auto-detected from Windows on startup. |
Hosts Panel
The Hosts panel (left side of the window) lists every device found during the scan. It updates in real time as each host responds.
Tabs
| Tab | Shows |
|---|---|
| All | Every host in the current scan, online and offline. |
| Online | Only hosts that responded to the scan (status: Online). |
| Offline | Addresses in the scanned IP range that did not respond (status: Offline). |
Hide Offline checkbox
The Hide Offline checkbox in the Hosts panel header removes offline hosts from the All tab view without switching tabs. This is useful when scanning large subnets with many unused IP addresses. It does not affect the Offline tab.
Host columns
| Column | Description |
|---|---|
| IP Address | The IPv4 address of the discovered host. |
| Hostname | Resolved via DNS, mDNS, LLMNR, and NetBIOS. Blank if unresolvable. |
| MAC / Vendor | Hardware address and manufacturer name from the embedded OUI database. |
| Status | Online or Offline. |
| Open Ports | Count of open ports found. Click the host to see the full list. |
Right-click context menu
- Copy IP — copies the host's IP address to the clipboard.
- Copy MAC — copies the hardware address.
- Copy Hostname — copies the resolved hostname.
- ✏ Edit Label / Note… — updates the host's saved label, notes, and per-device credentials.
- Open SSH — launches SSH using the host's saved SSH username and copies the saved password to the clipboard.
- Open RDP — launches Remote Desktop after loading the host's saved RDP credentials into Windows Credential Manager.
- Wake-on-LAN — sends a magic packet to the selected host. See Wake-on-LAN.
- Open in Browser — opens http://<ip> in your default browser.
Details Panel
Clicking a host in the Hosts panel loads its full information into the Details panel on the right side of the window.
Host information
| Field | Description |
|---|---|
| IP | IPv4 address of the selected host. |
| Hostname | Resolved name, or — if none found. |
| MAC | Hardware address. Only available for hosts on the same Layer-2 segment. |
| Vendor | Manufacturer name from the embedded IEEE OUI database. |
| Status | Online / Offline. |
| OS Guess | Estimated operating system based on TTL value, open ports, SMB2 negotiation, and SNMP response. See OS Fingerprinting. |
| SMB OS | Windows version string identified via SMB2 dialect negotiation (port 445). More accurate than TTL-based guessing. See OS Fingerprinting. |
| SNMP | Full sysDescr string pulled from the device over UDP 161. Shows OS, firmware, or hardware description from routers, switches, and managed devices. See SNMP Probe. |
Port list
Below the host information is a list of all open ports found during the scan. Click a port to see its details.
| Field | Description |
|---|---|
| Port | TCP port number (e.g. 22, 80, 443). |
| Service | Well-known service name for that port (e.g. SSH, HTTP, HTTPS). |
| Banner | First response from the service. For HTTP this is the Server: header value. See Service Banners. |
| TLS Cert | Certificate details shown for HTTPS ports — subject, issuer, expiry date, and SANs. Includes expiry warnings. See TLS Certificates. |
Log Panel
The Log panel is the dark terminal strip at the bottom of the window. It shows a live feed of scan activity as it happens — host discoveries, port open/closed results, banner grabs, and any errors.
- Entries are color-coded: discoveries in green, errors in red, status messages in grey.
- The log auto-scrolls to the newest entry while scanning. You can scroll up freely to review earlier entries.
- The log is cleared automatically when a new scan starts.
- Log content is not exported — use Export to save structured results.
Scan Modes
Scan modes control which TCP ports are checked on each discovered host. Choose a mode from the MODE dropdown in the toolbar before starting a scan.
| Mode | Ports checked | Best for |
|---|---|---|
| Quick | ~20 most common ports | Fast overview — web, SSH, RDP, SMB, common services |
| Common | ~100 well-known ports | Balanced sweep — good default for home networks |
| Full | ~1000 standard ports | Thorough audit — takes longer but catches unusual services |
| Paranoid | All 65535 ports | Complete exhaustive scan — slow, use on individual hosts |
| Custom profiles | Your defined port list | Targeted scans for specific services — see Port Profiles |
Custom Port Profiles
Port profiles let you save named lists of ports and select them from the MODE dropdown just like built-in scan modes.
Creating a profile
- Click the Profiles button in the toolbar.
- In the Name field, enter a descriptive name (e.g. Web Stack).
- In the Ports field, enter comma-separated port numbers (e.g. 80, 443, 8080, 8443).
- Click Add. The profile appears in the list on the left.
- Click Save & Close.
Your new profile immediately appears in the MODE dropdown and is saved to %AppData%\ClumsyNetWatch\profiles.json for future sessions.
Deleting a profile
- Click Profiles in the toolbar.
- Select the profile in the list on the left.
- Click Remove.
- Click Save & Close.
Example profiles
| Name | Ports |
|---|---|
| Web Stack | 80, 443, 8080, 8443, 3000, 8000 |
| IoT Scan | 80, 443, 1883, 5683, 8883, 48899 |
| Remote Access | 22, 3389, 5900, 5800, 2222 |
| Database | 1433, 3306, 5432, 6379, 27017 |
| NAS / Shares | 139, 445, 548, 2049, 9000 |
Service Banners
When ClumsyNetWatch finds an open port it immediately reads the first response from the service. This "banner" often identifies the software and version running on that port.
- For SSH ports — returns the server version string (e.g. SSH-2.0-OpenSSH_9.3).
- For FTP ports — returns the FTP server greeting (e.g. 220 vsftpd 3.0.5).
- For SMTP ports — returns the SMTP server greeting (e.g. 220 mail.example.com ESMTP Postfix).
- For HTTP ports (80, 8080, 8000, 3000) — sends a HEAD / request and shows the Server: header value (e.g. Apache/2.4.54 (Ubuntu) or nginx/1.24.0).
- For HTTPS ports (443, 8443) — banner field shows the Server: header from the HTTP response; full TLS certificate details are shown separately. See TLS Certificates.
- For other ports — returns the first line of any data sent by the service on connect.
Banners are visible in the Details panel when you click a port. They are included in HTML and JSON exports.
TLS Certificate Inspection
For every port identified as HTTPS (443, 8443), ClumsyNetWatch performs a full TLS handshake and extracts the server's certificate. This lets you spot expired, expiring-soon, or misconfigured certificates at a glance without opening a browser.
Certificate fields shown
| Field | Description |
|---|---|
| TLS Cert | Common name or subject of the certificate (e.g. CN=example.com). |
| Issuer | Certificate authority that signed it (e.g. Let's Encrypt, DigiCert, or self-signed). |
| Expires | Certificate expiry date in YYYY-MM-DD format. |
| SANs | Subject Alternative Names — other hostnames or IPs covered by the certificate. |
Expiry warnings
ClumsyNetWatch automatically flags certificates based on their expiry date:
- ⚠ EXPIRED — the certificate's expiry date is in the past. Browsers will show a security warning for this host.
- ⚠ expires soon — the certificate expires within the next 30 days. Plan to renew.
- No warning — certificate is valid and not expiring soon.
OS Fingerprinting
ClumsyNetWatch uses multiple methods to estimate the operating system of each discovered host. Results are shown in the OS Guess and SMB OS fields in the Details panel.
Detection methods (in priority order)
| Method | How it works | Accuracy |
|---|---|---|
| SMB2 Negotiation | Sends an SMB2 Negotiate protocol request to port 445. The DialectRevision value in the response maps to a specific Windows version (e.g. 0x0300 = Windows 8 / Server 2012, 0x0311 = Windows 10/11 / Server 2016+). | High — exact Windows version when port 445 is open |
| SNMP sysDescr | Queries UDP port 161 for the sysDescr.0 OID. Network devices typically return a full description string identifying the OS, firmware, and hardware model. | High — verbatim device description for routers and managed switches |
| TTL Analysis | Estimates OS family from the Time-To-Live value in the ping response: TTL ~64 → Linux/macOS/Android; TTL ~128 → Windows; TTL ~255 → Cisco/network gear. | Low — family-level only, easily affected by routing hops |
SNMP Probe
ClumsyNetWatch sends a lightweight SNMPv1 GET request to UDP port 161 on every discovered host and reads the sysDescr.0 OID (1.3.6.1.2.1.1.1.0). This is the standard "system description" field, which virtually all SNMP-capable devices return to any client that presents an accepted community string.
What you get
- Routers and switches — firmware version, hardware model, and OS (e.g. Cisco IOS Version 15.2 or RouterOS 7.10).
- NAS devices — device name, OS version, and storage software.
- Linux servers — kernel version and distribution if the SNMP agent is configured.
- Windows servers — Windows version string if the SNMP service is running.
- Printers and APs — model and firmware details.
Requirements
- The device must have SNMP enabled and UDP port 161 reachable.
- ClumsyNetWatch uses the public community string. If your device uses a custom community string, the probe will return no data.
- Most consumer routers have SNMP disabled by default. Managed switches and enterprise gear typically have it enabled.
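The SNMPv1 exchange described above, as an added example (not ClumsyNetWatch's own code): it encodes the sysDescr.0 GetRequest and a constructed reply byte for byte, then parses both the way a monitoring script would parse a captured UDP 161 payload, which shows that the community string travels unencrypted in every message. The function names, the request ID and the sample reply are assumptions made for illustration.

```python
SYS_DESCR_OID = (1, 3, 6, 1, 2, 1, 1, 1, 0)            # sysDescr.0
PDU_NAMES = {0xA0: "GetRequest", 0xA2: "GetResponse"}

def tlv(tag, value):
    """Encode one BER element: tag, definite length, value."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + value

def ber_int(n):
    """Non-negative INTEGER; the extra byte keeps the sign bit clear."""
    return tlv(0x02, n.to_bytes(n.bit_length() // 8 + 1, "big"))

def ber_oid(arcs):
    """OBJECT IDENTIFIER: first two arcs share a byte, the rest are base-128."""
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(chunk))
    return tlv(0x06, bytes(body))

def build_message(pdu_tag, community, request_id, value):
    """SNMPv1 message carrying a single sysDescr.0 varbind."""
    varbind = tlv(0x30, ber_oid(SYS_DESCR_OID) + value)
    pdu = tlv(pdu_tag, ber_int(request_id) + ber_int(0) + ber_int(0)
              + tlv(0x30, varbind))
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)

def read_tlv(buf, pos):
    """Decode one element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the contents of a constructed element into (tag, value) pairs."""
    pos, out = 0, []
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def inspect_snmp_v1(payload):
    """Summarise a UDP 161 payload: PDU type, community, sysDescr if present."""
    tag, body, _ = read_tlv(payload, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    (_, _version), (_, community), (pdu_tag, pdu) = children(body)
    varbind = children(children(pdu)[3][1])[0][1]
    (_, oid), (val_tag, val) = children(varbind)
    is_sys_descr = oid == ber_oid(SYS_DESCR_OID)[2:]
    return {
        "pdu": PDU_NAMES.get(pdu_tag, hex(pdu_tag)),
        "community": community.decode("ascii", "replace"),
        "default_community": community == b"public",
        "sys_descr": val.decode("utf-8", "replace")
                     if is_sys_descr and val_tag == 0x04 else None,
    }

# Constructed samples: request ID 1, reply text taken from the page's example.
REQUEST = build_message(0xA0, "public", 1, tlv(0x05, b""))
RESPONSE = build_message(0xA2, "public", 1, tlv(0x04, b"RouterOS 7.10"))

if __name__ == "__main__":
    print(REQUEST.hex(" "))
    print(inspect_snmp_v1(RESPONSE))
```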
Scan History
ClumsyNetWatch stores up to 6 scan snapshots in memory per session. Each completed scan is automatically saved as a snapshot.
- Use the history navigation arrows at the top of the Hosts panel to move between snapshots.
- The current snapshot number and total are displayed (e.g. 3 / 5).
- When a new scan completes and you already have 6 snapshots, the oldest is dropped.
Change highlighting
When you navigate between snapshots, hosts are highlighted to show what changed:
| Highlight | Meaning |
|---|---|
| New | Host was not present in the previous snapshot — appeared since last scan. |
| Changed | Host was seen before but its open ports or hostname changed. |
| Gone | Host was in the previous snapshot but did not respond this time. |
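The New / Changed / Gone rules above, applied to two host lists as an added example (not ClumsyNetWatch's own code), so the same comparison can be run on exported scans outside the application. The page does not document the JSON export schema, so the field names `ip`, `hostname`, `status` and `ports` are assumptions, as is treating only `Online` hosts as present; the sample snapshots are constructed.

```python
import ipaddress
import json

def online_hosts(snapshot):
    """Index a snapshot's responding hosts by IP address."""
    return {h["ip"]: h for h in snapshot if h.get("status") == "Online"}

def diff_snapshots(previous, current):
    """Classify hosts as New, Changed or Gone between two snapshots."""
    prev, curr = online_hosts(previous), online_hosts(current)
    by_ip = ipaddress.ip_address          # numeric order, so .9 sorts before .10
    result = {"New": [], "Changed": [], "Gone": []}
    for ip in sorted(curr, key=by_ip):
        if ip not in prev:
            result["New"].append(ip)
            continue
        before, after = prev[ip], curr[ip]
        old_ports = set(before.get("ports", []))
        new_ports = set(after.get("ports", []))
        renamed = before.get("hostname") != after.get("hostname")
        if old_ports != new_ports or renamed:
            result["Changed"].append({
                "ip": ip,
                "opened": sorted(new_ports - old_ports),
                "closed": sorted(old_ports - new_ports),
                "hostname": (before.get("hostname"), after.get("hostname"))
                            if renamed else None,
            })
    result["Gone"] = sorted(prev.keys() - curr.keys(), key=by_ip)
    return result

# Constructed sample data (assumed field names, not the documented export format).
PREVIOUS = [
    {"ip": "192.168.1.1", "hostname": "router", "status": "Online", "ports": [80, 443]},
    {"ip": "192.168.1.20", "hostname": "nas", "status": "Online", "ports": [445]},
    {"ip": "192.168.1.30", "hostname": "printer", "status": "Online", "ports": [9100]},
    {"ip": "192.168.1.40", "hostname": "", "status": "Offline", "ports": []},
]
CURRENT = [
    {"ip": "192.168.1.1", "hostname": "router", "status": "Online", "ports": [80, 443]},
    {"ip": "192.168.1.20", "hostname": "nas", "status": "Online", "ports": [23, 445]},
    {"ip": "192.168.1.30", "hostname": "printer", "status": "Offline", "ports": []},
    {"ip": "192.168.1.40", "hostname": "cam", "status": "Online", "ports": [80]},
]

if __name__ == "__main__":
    print(json.dumps(diff_snapshots(PREVIOUS, CURRENT), indent=2))
```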
Persisting history across sessions
Scan history is in-memory only and is lost when the application closes. To keep a scan permanently, use Export → JSON and then Import it back in a future session. See Exporting Results and Importing Scans.
Exporting Results
Click Export ▾ in the toolbar to open the export menu. Three formats are available.
CSV
Exports a flat spreadsheet with one row per host. Columns include IP, Hostname, MAC, Vendor, Status, and a comma-separated list of open ports. Open in Excel, Google Sheets, or any spreadsheet tool.
HTML Report
Generates a standalone dark-themed HTML file. Contains a full host table with status indicators, all open ports, and service banners. The file is self-contained and can be shared or archived — no internet connection needed to view it.
JSON
Exports the complete scan as a structured JSON file including all host data, ports, banners, timestamps, and scan metadata. This format can be imported back into ClumsyNetWatch. See Importing Scans.
Importing Scans
Previously exported JSON scan files can be loaded back into ClumsyNetWatch's scan history.
- Click Import in the toolbar.
- Browse to the .json file exported from a previous session.
- Click Open. The scan is added as a new snapshot in the history.
- Use the history navigation arrows to switch to the imported snapshot.
Imported scans appear in history alongside scans from the current session. They support the same change highlighting when compared to other snapshots.
Wake-on-LAN
Wake-on-LAN (WoL) sends a "magic packet" over the network that instructs a sleeping or powered-off computer to wake up, provided its network card and BIOS/UEFI support WoL.
How to wake a host
- Right-click the host in the Hosts panel.
- Select Wake-on-LAN from the context menu.
- ClumsyNetWatch broadcasts the magic packet to the subnet.
Requirements for WoL to work
- The target machine must have Wake-on-LAN enabled in its BIOS/UEFI settings.
- The network adapter must support WoL (most wired adapters do; Wi-Fi adapters often do not).
- The machine must be on the same Layer-2 network segment (same switch/router). WoL does not cross routers by default.
- The target's MAC address must be known — it must have appeared in a prior scan in this session.
Themes
ClumsyNetWatch supports a Dark theme and a Light theme.
- Auto-detect on startup — the theme is automatically set to match your Windows system appearance (Settings → Personalization → Colors → Choose your mode).
- Manual toggle — click the theme toggle button in the toolbar to switch themes at any time. Your choice is applied immediately for the current session.
The log panel always uses a dark terminal background regardless of the active theme, ensuring log text remains readable in both modes.
Filtering Hosts
Several filter controls help narrow down the host list when scanning large subnets.
| Filter | How to use |
|---|---|
| All / Online / Offline tabs | Click a tab to show only hosts matching that status. The Online tab is the fastest way to see only responding devices. |
| Hide Offline checkbox | Available in the All tab header. Hides hosts with no response without switching tabs. Uncheck to show them again. |
Device Labels & Notes
Every host on your network can be given a custom label, free-text notes, and saved SSH/RDP credentials that persist across sessions. Labels replace blank hostnames in the host list and make it easy to identify devices at a glance — especially useful for devices that do not broadcast a hostname (IoT gadgets, smart TVs, printers, etc.).
Setting a label
- Right-click any host in the Hosts panel.
- Select ✏ Edit Label / Note… from the context menu.
- Enter a short Label (up to 40 characters, e.g. NAS, Dad's PC, Smart TV).
- Optionally add free-text Notes (anything you want — MAC history, location, last service date).
- Open the Credentials tab if you want to save per-device SSH or RDP credentials for this host.
- Click OK.
Where labels and credentials appear
| Location | Behaviour |
|---|---|
| Host list row | The label replaces the hostname display when one is set. A 📌 badge appears next to the IP to show a label exists. |
| Details panel | The Label and Notes fields are shown below the hostname when you click the host. |
| Edit Label dialog | The Credentials tab stores SSH and RDP usernames/passwords for that specific host. |
| Search / filter bar | You can search by label text — type "NAS" to instantly find the labelled device. |
Clearing a label
Open Edit Label / Note… again and click Clear. This removes both the label and notes for that host.
Persistence
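Labels are saved automatically to %AppData%\ClumsyNetWatch\labels.json, keyed by IP address. They are reapplied to matching hosts whenever a new scan finds those IPs, even after restarting the application. Because the key is the IP address, a label follows the address rather than the device: if DHCP hands that address to different hardware, the label and notes appear on the new device.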
Security Risk Flags
After every scan, ClumsyNetWatch automatically checks each discovered host for common security issues. Flagged hosts display a colored ⚠ badge in the host list, and the full list of findings is shown in the Details panel.
Risk severity levels
| Badge | Severity | Meaning |
|---|---|---|
| ⚠ Red | Critical | Immediate action recommended — unencrypted protocol, expired certificate, or active security misconfiguration. |
| ⚠ Amber | Warning | Worth investigating — potential weakness or soon-to-expire credential. |
What gets flagged
| Flag | Severity | What it means |
|---|---|---|
| Telnet open | Critical 🔴 | Port 23 is open. Telnet transmits credentials and data in plain text. Replace with SSH. |
| FTP open | Critical 🔴 | Port 21 is open. FTP transmits passwords in plain text. Use SFTP or FTPS instead. |
| TLS cert expired | Critical 🔴 | The HTTPS certificate on a scanned port has passed its expiry date. Browsers will block access to this service. |
| TLS cert expires soon | Warning 🟡 | The certificate expires within 30 days. Schedule a renewal now to avoid downtime. |
| HTTP without HTTPS | Warning 🟡 | Port 80 (or 8080) is open but no HTTPS port was found. Traffic to this service is unencrypted. |
| SNMP default community | Warning 🟡 | The device responded to an SNMP query using the default public community string. This gives read access to system information — change it or restrict SNMP to trusted interfaces. |
| Default credentials accepted | Critical 🔴 | The service accepted a tested username/password pair. ClumsyNetWatch only runs this check against endpoints that first respond with a real HTTP Basic auth challenge, and any accepted password is masked in the UI and exports. |
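The flag table above and the 30-day rule from the TLS Certificate Inspection section, written out as checks over recorded scan data, as an added example (not ClumsyNetWatch's own code) for auditing saved results independently. It covers the flags that can be derived from stored host data and leaves out the default-credential check; the field names `ports`, `tls_expires` and `snmp` are assumptions, and the sample hosts and reference date are constructed.

```python
from datetime import date, timedelta

HTTP_PORTS = {80, 8080}          # ports the page treats as plain HTTP
HTTPS_PORTS = {443, 8443}        # ports the page treats as HTTPS
SOON = timedelta(days=30)        # "expires soon" window from the page

def risk_flags(host, today):
    """Return (severity, finding) pairs for one host record."""
    ports = set(host.get("ports", []))
    flags = []
    if 23 in ports:
        flags.append(("Critical", "Telnet open"))
    if 21 in ports:
        flags.append(("Critical", "FTP open"))
    # tls_expires maps a port (string key, as in JSON) to a YYYY-MM-DD date.
    for port, expires in sorted(host.get("tls_expires", {}).items()):
        not_after = date.fromisoformat(expires)
        if not_after < today:
            flags.append(("Critical", f"TLS cert expired (port {port}, {expires})"))
        elif not_after - today <= SOON:
            flags.append(("Warning", f"TLS cert expires soon (port {port}, {expires})"))
    if ports & HTTP_PORTS and not ports & HTTPS_PORTS:
        flags.append(("Warning", "HTTP without HTTPS"))
    # Assumption: a stored sysDescr means the host answered the "public" probe.
    if host.get("snmp"):
        flags.append(("Warning", "SNMP default community"))
    return flags

def badge(flags):
    """Red if any finding is Critical, Amber if only Warnings, else None."""
    severities = {severity for severity, _ in flags}
    if "Critical" in severities:
        return "Red"
    return "Amber" if severities else None

# Constructed sample data; TODAY is fixed so the results are reproducible.
TODAY = date(2025, 6, 1)
SAMPLE_HOSTS = {
    "192.168.1.1": {"ports": [23, 80], "snmp": "RouterOS 7.10"},
    "192.168.1.20": {"ports": [80, 443], "tls_expires": {"443": "2025-06-20"}},
    "192.168.1.30": {"ports": [443, 8443],
                     "tls_expires": {"443": "2025-05-31", "8443": "2026-01-01"}},
    "192.168.1.40": {"ports": [22]},
}

if __name__ == "__main__":
    for ip, host in SAMPLE_HOSTS.items():
        found = risk_flags(host, TODAY)
        print(ip, badge(found), found)
```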
System Tray & Auto-Rescan
ClumsyNetWatch can run in the background from the Windows system tray, automatically rescanning your network on a set interval and notifying you when devices join or leave.
Minimizing to tray
Click the window's ✕ Close button — the app does not exit. Instead it hides to the system tray. The tray icon tooltip shows the current online host count. To restore the window, double-click the tray icon or right-click it and choose Open ClumsyNetWatch.
To fully exit the app, right-click the tray icon and choose Exit.
Auto-Rescan
Set a rescan interval from the tray icon's right-click menu under Auto-Rescan:
| Option | Behaviour |
|---|---|
| Off (default) | No automatic rescanning. Scans only when you click Start. |
| 5 min | Runs a new scan every 5 minutes using the current target and mode. |
| 15 min | Runs a new scan every 15 minutes. |
| 30 min | Runs a new scan every 30 minutes. |
Change notifications
When the app is running in the tray and a completed scan detects changes compared with the previous snapshot, a Windows balloon notification is shown:
- New devices — one or more hosts appeared that were not in the last scan.
- Devices left — one or more hosts from the last scan did not respond.
Notifications are only shown when the main window is hidden. If the window is open and visible, changes are reflected live in the Hosts panel instead.
Preferences
Click the ⚙ Preferences button in the toolbar to open the Preferences dialog. All settings are saved automatically to %AppData%\ClumsyNetWatch\preferences.json and applied the next time you open the app.
General
| Setting | Description |
|---|---|
| Minimize to tray on close | When checked, clicking the window's ✕ button hides the app to the system tray instead of exiting. To fully exit, right-click the tray icon and choose Exit. |
| Start minimized | When checked, the app launches directly to the system tray without showing the main window. |
Auto-Rescan
Set a recurring rescan interval. Options: Off, 5 min, 15 min, 30 min. The same setting is also accessible from the system tray right-click menu. See System Tray & Auto-Rescan for full details.
Notifications
| Setting | Description |
|---|---|
| Enable balloon notifications | When checked, a Windows notification pops up when new or missing devices are detected while the app is in the tray. |
| Notify when changes ≥ | Minimum number of host changes (new + gone) that must occur before a notification fires. Set to 1 to notify on any change; set higher to reduce noise on busy networks. |
Credentials
| Setting | Description |
|---|---|
| Custom credential list | Add your own username/password pairs to extend the built-in default credential checks. Usernames stay visible in the list; passwords remain masked. |
| Show / hide toggle | When adding a credential, the eye toggle lets you reveal or hide the password before saving it. |
| Storage | Credentials are saved locally in %AppData%\ClumsyNetWatch\preferences.json with your other preferences. |
Privacy
Controls whether anonymous usage telemetry is sent. See Privacy & Telemetry for full details of what is and is not collected.
Privacy & Telemetry
ClumsyNetWatch includes optional, opt-in anonymous telemetry to help understand how the tool is being used and improve it over time. No telemetry is ever sent without your explicit consent.
First-run consent
On the very first launch, a consent dialog is shown before any data is transmitted. It describes exactly what would be collected and gives you a clear Accept or No Thanks choice. If you click No Thanks, no data is ever sent. Your choice is saved; the dialog does not appear again.
What IS collected (if you opt in)
- App version (e.g. 0.9.0)
- Windows OS version (e.g. Windows 11 22H2)
- Scan mode used (Quick / Common / Full / Paranoid / Custom)
- Number of hosts found alive / total hosts scanned
- Country code derived from your IP address at the server (not stored permanently)
- An anonymous random ID generated on your device — this is a GUID with no personal information embedded in it
- Event type: app startup or scan completed
What is NEVER collected
- Your IP addresses or any IP addresses you scan
- Hostnames, MAC addresses, or any device data from your scans
- Your name, email, location, or any personally identifiable information
- Open ports, banners, certificates, or any scan results
Changing your preference
Open ⚙ Preferences → Privacy and toggle Send anonymous usage data on or off at any time. The change is applied immediately.
Update Checker
ClumsyNetWatch checks for new releases automatically on startup by querying the GitHub Releases API. If a newer version is available, a blue banner appears at the top of the main window.
Update banner
| Control | Description |
|---|---|
| Download link | Opens the GitHub Releases page in your browser so you can download the new version. |
| ✕ Dismiss | Hides the banner for the current session. It will reappear on the next launch if the update is still available. |
Report Bugs & Support
If ClumsyNetWatch crashes, behaves unexpectedly, or gives you results that look wrong, email support@clumsyslab.tech. Clear bug reports save time and make fixes land faster.
What to include
- App version — for example v0.9.0 RC1.
- Windows version — Windows 10/11 build if you know it.
- What you were doing — scan target, scan mode, and the action you clicked.
- What happened — exact error text, wrong result, freeze, or crash behavior.
- What you expected — what you thought the app should do instead.
- Screenshots or exports — attach a screenshot, JSON export, or HTML export if it helps explain the problem.
Legal Notice
You are solely and entirely responsible for ensuring you have legal authorization before scanning any network or device. Clumsy's Lab LLC accepts no liability for unauthorized use, illegal scanning, network disruption, or any harm arising from use of this software.
Before scanning, confirm: (1) you own the network, or (2) you have explicit written authorization from the network owner. When in doubt, do not scan.
For full terms, see:
- Software Terms of Use — governs your download and use of ClumsyNetWatch.
- Website Terms of Service — governs use of this website.