The content from the Internet Technology Alliance mentions the use of Network Miner, a network forensics analysis tool, which assists in capturing and analyzing network traffic to identify potential security threats. For more details, you can visit their website at [Internet Technology Alliance](https://www.wljslmz.cn).
Hello, this is the Internet Technology Alliance.
Network sniffers are frequently used in daily work. In general, we call them "packet capture tools". Whether in software development or network engineering, using packet capture to solve some issues has become the norm.
So, do you know what packet capture tools are available? Which one do you use the most? Today, Brother Rui will introduce several commonly used packet capture tools. Let's get started directly!
Wireshark is a free open-source packet capture tool that can analyze network traffic in real-time on Windows, Mac, Unix, and Linux systems. It is capable of capturing packets through network interfaces, such as Ethernet, LAN, or SDR, and intercepting network traffic for analysis and processing.
Wireshark provides a range of different display filters, allowing each captured packet to be converted into a readable format. This facilitates user analysis, helping them to solve problems.
Fiddler is a free HTTP(S) packet capture tool, suitable for any browser and widely used by developers. It can log all HTTP(S) traffic between the client computer and server, and can be used for performance testing, session manipulation, and security testing. It can even be used as a reverse proxy, and can also analyze traffic between mobile devices, tablets, and IoT devices.
Fiddler only starts capturing traffic when you run it. By default, it runs on port 8888 on the local machine (127.0.0.1), and the default port can be changed from Tools > Options.
Tcpdump is one of the most powerful and widely used packet capture tools. It is used to capture or filter TCP/IP packets sent or received on a specific interface over a network. Tcpdump is available under most Linux/Unix-based operating systems and can save captured packets in files for future analysis, with the file format.
Tcpdump is very simple to use. Here are a few commonly used commands:
Solarwinds Bandwidth Analyzer comprises two parts:
Solarwinds Bandwidth Analyzer is a commercial software, offering a 30-day free trial.
Free Network Analyzer is an excellent free network monitoring software that can analyze a computer's wired or wireless connection. It can capture, filter, and display all traffic data while decoding the raw data of network packets.
NAST, short for Network Analyzer Sniffer Tool, is a tool based on ncurses, suitable for UNIX servers without GUI, capable of sniffing and logging packets on network interfaces in normal or promiscuous mode.
Kismet is very powerful; it is not just a network sniffer. It can analyze the traffic of hidden networks or those with non-broadcast SSIDs and is suitable for packet capture of wireless traffic and wireless devices. Kismet can be used in *NIX, Windows under Cygwin, and OSX environments.
EtherApe has many features similar to Wireshark and is also open-source and free. It has link layer, IP, and TCP modes, displaying network activity graphically. The size of hosts and links varies with traffic, making the graphical interface more visually appealing. However, it is only suitable for Linux, Unix, and MacOS, and not for Windows systems.
NetworkMiner is a packet capture tool for Windows, developed and supported by a small Swedish company, Netresec. It has a free version and a paid version.
NetworkMiner can capture live traffic and also analyze the contents of previously captured traffic saved in pcap format, similar to Wireshark's advantages.
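As an added illustration (not code from the article, from Netresec, or from any of the tools listed), here is a minimal Python reader for the classic pcap format that tcpdump saves and Wireshark/NetworkMiner load, run against a constructed one-frame capture; the MAC addresses, IP addresses and timestamp in the sample are made up.

```python
import struct

# libpcap file layout as written by tcpdump/WinDump and read by Wireshark/NetworkMiner:
# 24-byte global header, then per-packet 16-byte record headers followed by frame bytes.
PCAP_MAGIC_US = 0xA1B2C3D4   # microsecond timestamps
PCAP_MAGIC_NS = 0xA1B23C4D   # nanosecond timestamps
LINKTYPE_ETHERNET = 1

def parse_pcap(data: bytes) -> list[dict]:
    """Return one dict per captured frame; raise ValueError on truncated or foreign input."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    for endian in ("<", ">"):            # the magic also reveals the writer's byte order
        magic = struct.unpack(endian + "I", data[:4])[0]
        if magic in (PCAP_MAGIC_US, PCAP_MAGIC_NS):
            break
    else:
        raise ValueError("not a pcap file")
    frac_div = 1e9 if magic == PCAP_MAGIC_NS else 1e6
    _vmaj, _vmin, _zone, _sig, snaplen, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    records, off = [], 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header")
        ts_sec, ts_frac, caplen, origlen = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        # Bound caplen by the file's own snaplen so a corrupt length cannot run past the data
        if caplen > snaplen or off + caplen > len(data):
            raise ValueError("record length exceeds snaplen or file")
        frame, off = data[off:off + caplen], off + caplen
        rec = {"ts": ts_sec + ts_frac / frac_div, "caplen": caplen, "origlen": origlen}
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00":   # EtherType 0x0800 = IPv4
            rec["proto"] = frame[23]                            # 6 = TCP, 17 = UDP
            rec["src"] = ".".join(map(str, frame[26:30]))
            rec["dst"] = ".".join(map(str, frame[30:34]))
        records.append(rec)
    return records

def build_sample_capture() -> bytes:
    """Constructed sample, not a real capture: one Ethernet/IPv4/TCP SYN to port 443."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    ip = bytes([0x45, 0, 0, 40, 0, 0, 0x40, 0, 64, 6, 0, 0]) + bytes([192, 0, 2, 1, 198, 51, 100, 7])
    tcp = struct.pack(">HHIIBBHHH", 40000, 443, 1, 0, 0x50, 0x02, 65535, 0, 0)
    frame = eth + ip + tcp                                       # 14 + 20 + 20 = 54 bytes
    ghdr = struct.pack("<IHHiIII", PCAP_MAGIC_US, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    rhdr = struct.pack("<IIII", 1700000000, 250000, len(frame), len(frame))
    return ghdr + rhdr + frame
```

The same `parse_pcap` function reads a real file produced by `tcpdump -w`, as long as it was captured on an Ethernet interface (link type 1) and written in the classic pcap rather than pcapng format.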
WinDump is the Windows version of tcpdump, which can monitor, diagnose, and save network traffic to disk based on various complex rules. It can be run via command line, PowerShell, or remote shell.
It's almost identical to tcpdump in functionality. You can think of it as the Windows counterpart of tcpdump on Linux.
There are actually many other packet capture tools out there, which I won't elaborate on in detail here. I'll list a few, and if you're interested, you can explore each one:
Etc.
There are numerous packet capture tools, and this article has focused on introducing 10 of them. A few other commonly used ones were also mentioned. Which packet capture tool do you use the most? Feel free to tell me in the comments section. I hope this article has been helpful to you. Lastly, thank you for reading!