Sniffing Tools
Sniffing tools are extremely common applications. A few interesting ones are:
Wireshark One of the most widely known and used packet sniffers. Offers a tremendous number of features designed to assist in the dissection and analysis of traffic.
TCPdump A well-known command-line packet analyzer. Provides the ability to intercept and observe TCP/IP and other packets during transmission over the network. Available at www.tcpdump.org .
Windump A port of the popular Linux packet sniffer TCPdump, which is a command-line tool that is great for displaying header information.
Omnipeek Manufactured by WildPackets, OmniPeek is a commercial product that is the evolution of the product EtherPeek.
Dsniff A suite of tools designed to perform sniffing with different protocols with the intent of intercepting and revealing passwords. Dsniff is designed for Unix and Linux plat-forms and does not have a complete equivalent on the Windows platform. EtherApe A Linux/Unix tool designed to graphically display a system’s incoming and out-
going connections.
MSN Sniffer A sniffing utility specifically designed for sniffing traffic generated by the MSN messenger application.
NetWitness NextGen Includes a hardware-based sniffer, along with other features, designed to monitor and analyze all traffic on a network; a popular tool in use by the FBI and other law enforcement agencies.
