Packet sniffers

According to Kaspersky labs, a packet sniffer — also known as a packet analyzer, protocol analyzer or network analyzer — is a piece of hardware or software used to monitor network traffic. Sniffers work by examining streams of data packets that flow between computers on a network as well as between networked computers and the larger Internet. 

These packets are expected for — and routed to — explicit machines, yet utilizing a bundle sniffer in “promiscuous mode” permits IT experts, end clients or malevolent gatecrashers to analyze any parcel, paying little mind to objective. It’s conceivable to arrange sniffers in two different ways.

Packet sniffers can be utilized on both wired and wireless organizations — their adequacy relies upon the amount they can “see” because of organization security conventions. On a wired organization, sniffers may approach the bundles of each associated machine or might be restricted by the position of organization switches. On a wireless organization, most sniffers can just sweep each direct in turn, yet the utilization of various remote interfaces can extend this capacity.

Paesslre Packetcapture

PRTG lets you monitor and filter IP, UDP, TCP and data traffic and analyzes data packets. PRTG improves the reliability of your entire IT, saves time and network management costs. Flexible alerting. All in one, no add-ons. Trusted by 300,000 admins.

Check for more information here


Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Check for more information here


Tcpdump prints out a description of the contents of packets on a network interface that match the Boolean expression; the description is preceded by a time stamp, printed, by default, as hours, minutes, seconds, and fractions of a second since midnight.

Check for more information here


WinDump is the Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules. It can run under Windows 95, 98, ME, NT, 2000, XP, 2003 and Vista. Check for more information here


TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark‘s native capture file format is pcapng format, which is also the format used by wireshark and various other tools. Check for more information here

Network miner

NetworkMiner is an open source Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. Check for more information here

%d bloggers like this: