The following tables compare general and technical information for several packet analyzer software utilities. Please see the individual products' articles for further information. This article is not all-inclusive or necessarily up-to-date.
Basic general information about the software—creator/company, license/price, etc.
Creator | GUI / Console | Cost (USD) | Software license | |
---|---|---|---|---|
nGenius Infinistream | NetScout | GUI | ? | Proprietary EULA |
AppTransaction Xpert | OPNET Technologies | GUI | Unknown | Proprietary EULA |
Cain and Abel | Massimiliano Montoro | GUI | Free | Freeware |
Capsa Free Edition | Colasoft | GUI | Free | Proprietary EULA |
Carnivore | Federal Bureau of Investigation | ? | N/A | N/A |
Clarified Analyzer | Clarified Networks | GUI | 300€ and up | Proprietary EULA |
Clusterpoint Network Traffic Surveillance System | Clusterpoint | web GUI | $3,000 and up | Proprietary EULA |
dSniff | Dug Song | Console | Free | BSD License |
EtherApe | Juan Toledo | GUI | Free | GNU GPL |
Ettercap | ALoR and NaGA | Both | Free | GNU GPL |
I/O Ninja | Tibbo Technology Inc. | GUI | $30 | Proprietary EULA |
justniffer | The Justniffer team | Console | Free | GNU GPL |
Kismet | Mike Kershaw (dragorn) | Console | Free | GNU GPL |
LANMeter | Fluke Corporation | handheld | ? | ? |
netsniff-ng | Daniel Borkmann | Console | Free | GNU GPL |
NetworkMiner free edition | NETRESEC AB | GUI | Free | GNU GPL |
NetworkMiner Professional | NETRESEC AB | Both | 500€ | Proprietary EULA |
ngrep | Jordan Ritter | Console | Free | Other |
Microsoft Network Monitor | Microsoft | GUI | Free | Proprietary EULA |
Observer | Network Instruments | GUI | ? | Proprietary EULA |
OmniPeek (formerly AiroPeek, EtherPeek) | WildPackets | GUI | $1,194.00 and up | Proprietary EULA |
PacketView Pro | Klos Technologies, Inc. | Console | $1,299.00 | Proprietary EULA |
pt360 Tool Suite | PacketTrap | ? | $99 | ? |
Sniffer Portable | NetScout | GUI | ? | Proprietary EULA |
snoop | Sun Microsystems | Console | Free | CDDL |
tcpdump | The Tcpdump team | Console | Free | BSD License |
Wireshark (formerly Ethereal) | The Wireshark team | Both | Free | GNU GPL |
Xplico | The Xplico team | Both | Free | GNU GPL |
The utilities can run on these operating systems.
Client | Windows | Mac OS X | Linux | BSD | Solaris | Other |
---|---|---|---|---|---|---|
AppTransaction Xpert | Yes | Version 3.5 capture agents on PowerPC only | GUI, plus version 3.5 capture agents | No | Version 3.5 capture agents on SPARC only | Version 3.5 capture agents on AIX and PA-RISC HP-UX only |
Cain and Abel | Yes | No | No | No | No | No |
Capsa Free Edition | Yes | No | No | No | No | No |
Carnivore | Yes | No | No | No | No | No |
Clarified Analyzer | Yes | Yes | Yes | No | No | ? |
Clusterpoint Network Traffic Surveillance System |
Yes | Yes | Yes | Yes | No | Any virtual-machine compatible OS |
dSniff | ? | Yes | Yes | Yes | Yes | ? |
EtherApe | No | Yes | Yes | Yes | Yes | ? |
Ettercap | Yes | Yes | Yes | Yes | Yes | ? |
I/O Ninja | Yes | No | No | No | No | No |
Kismet | Yes | Yes | Yes | Yes | ? | ? |
LANMeter | No | No | No | No | No | Fluke proprietary hardware |
netsniff-ng | No | No | Yes | No | No | No |
NetworkMiner free edition | Yes | No | No | No | No | No |
NetworkMiner Professional | Yes | No | No | No | No | No |
ngrep | Yes | Yes | Yes | Yes | Yes | AIX, BeOS, HP-UX, IRIX, Tru64 UNIX |
Microsoft Network Monitor | Yes | No | No | No | No | No |
Observer | Yes | No | No | No | No | No |
OmniPeek (formerly AiroPeek, EtherPeek) | Yes | No | No | No | No | No |
PacketView Pro | Yes | No | No | No | No | No |
pt360 Tool Suite | Yes | No | No | No | No | No |
Sniffer Portable | Yes | No | No | No | No | No |
snoop | No | No | No | No | Yes | No |
tcpdump | Yes (WinDump) | Yes | Yes | Yes | Yes | AIX, HP-UX, IRIX, Tru64 UNIX |
Wireshark (formerly Ethereal) | Yes | Yes | Yes | Yes | Yes | AIX, HP-UX, IRIX, Tru64 UNIX |
Xplico | No | No | Yes | No | No | No |
justniffer | No | Yes | Yes | Yes | Yes | ? |