Packet Analyzer Software

Cybersecurity



In this article, we show some of the packet analyzers, or packet sniffers, available on the market.

Packet analysis has been around in some form for over 20 years, as a diagnostic tool, to observe data and other information travelling across the network. Packet analysis is also referred to as sniffing. The term refers to early packet sniffers, which sniffed or captured traffic as it traveled across the network.

In the 1990s, Novell, a software company, developed the Novell LANalyzer, which had a graphical UI and dashboard to examine network traffic. Concurrently, Microsoft introduced its Network Monitor.

Over the last several years, there have been more packet analyzers introduced into the market.

Some that still exist today are shown below.


dSniff is software that passively monitors a network for interesting traffic. It is really a package that contains several tools to listen to and create network traffic. It is mostly used with Kali Linux and can be found at kali.org/tools/dsniff/.

Ettercap eavesdrops to capture passwords, emails, and files. The official Ettercap website states, "Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis". The Ettercap home page can be found at ettercap-project.org/index.html.

Tcpdump is a protocol analyzer that runs from the command line. According to the official website, tcpdump is a "powerful command-line packet analyzer". The website can be found at tcpdump.org.

Security Onion is an open source tool that combines packet capture with an Intrusion Detection System (IDS). Security Onion Solutions, LLC is the creator and maintainer of Security Onion, which it states is "a free and open platform for threat hunting, network security monitoring, and log management". Its website is securityonionsolutions.com.

Wireshark is a packet sniffer used to analyze network traffic. Wireshark states on its website that it is "the world's most popular network protocol analyzer". Its website is wireshark.org.


These are packet analyzers, or packet sniffers, currently available on the market.

Wireshark is by far the most popular and most widely used in the world.

There are plenty of resources, including books and courses, on how to use it.

Knowing how to use Wireshark effectively is also sought after in the job market.

These tools help us to capture packets sent during network communication.


