Comparison of packet analyzers

The following tables compare general and technical information for several packet analyzer software utilities. Please see the individual products' articles for further information. This article is not all-inclusive or necessarily up-to-date.

General information

Basic general information about the software—creator/company, license/price, etc.

Creator GUI / Console Cost (USD) Software license
nGenius Infinistream NetScout GUI ? Proprietary EULA
AppTransaction Xpert OPNET Technologies GUI Unknown Proprietary EULA
Cain and Abel Massimiliano Montoro GUI Free Freeware
Capsa Free Edition Colasoft GUI Free Proprietary EULA
Carnivore Federal Bureau of Investigation ? N/A N/A
Clarified Analyzer Clarified Networks GUI 300€ and up Proprietary EULA
Clusterpoint Network Traffic Surveillance System Clusterpoint web GUI $3,000 and up Proprietary EULA
dSniff Dug Song Console Free BSD License
EtherApe Juan Toledo GUI Free GNU GPL
Ettercap ALoR and NaGA Both Free GNU GPL
I/O Ninja Tibbo Technology Inc. GUI $30 Proprietary EULA
justniffer The Justniffer team Console Free GNU GPL
Kismet Mike Kershaw (dragorn) Console Free GNU GPL
LANMeter Fluke Corporation handheld ? ?
netsniff-ng Daniel Borkmann Console Free GNU GPL
NetworkMiner free edition NETRESEC AB GUI Free GNU GPL
NetworkMiner Professional NETRESEC AB Both 500€ Proprietary EULA
ngrep Jordan Ritter Console Free Other
Microsoft Network Monitor Microsoft GUI Free Proprietary EULA
Observer Network Instruments GUI ? Proprietary EULA
OmniPeek (formerly AiroPeek, EtherPeek) WildPackets GUI $1,194.00 and up Proprietary EULA
PacketView Pro Klos Technologies, Inc. Console $1,299.00 Proprietary EULA
pt360 Tool Suite PacketTrap ? $99 ?
Sniffer Portable NetScout GUI ? Proprietary EULA
snoop Sun Microsystems Console Free CDDL
tcpdump The Tcpdump team Console Free BSD License
Wireshark (formerly Ethereal) The Wireshark team Both Free GNU GPL
Xplico The Xplico team Both Free GNU GPL

Operating system support

The utilities can run on these operating systems.

Client Windows Mac OS X Linux BSD Solaris Other
AppTransaction Xpert Yes Version 3.5 capture agents on PowerPC only GUI, plus version 3.5 capture agents No Version 3.5 capture agents on SPARC only Version 3.5 capture agents on AIX and PA-RISC HP-UX only
Cain and Abel Yes No No No No No
Capsa Free Edition Yes No No No No No
Carnivore Yes No No No No No
Clarified Analyzer Yes Yes Yes No No ?
Clusterpoint Network Traffic
Surveillance System
Yes Yes Yes Yes No Any virtual-machine compatible OS
dSniff ? Yes Yes Yes Yes ?
EtherApe No Yes Yes Yes Yes ?
Ettercap Yes Yes Yes Yes Yes ?
I/O Ninja Yes No No No No No
Kismet Yes Yes Yes Yes ? ?
LANMeter No No No No No Fluke proprietary hardware
netsniff-ng No No Yes No No No
NetworkMiner free edition Yes No No No No No
NetworkMiner Professional Yes No No No No No
ngrep Yes Yes Yes Yes Yes AIX, BeOS, HP-UX, IRIX, Tru64 UNIX
Microsoft Network Monitor Yes No No No No No
Observer Yes No No No No No
OmniPeek (formerly AiroPeek, EtherPeek) Yes No No No No No
PacketView Pro Yes No No No No No
pt360 Tool Suite Yes No No No No No
Sniffer Portable Yes No No No No No
snoop No No No No Yes No
tcpdump Yes (WinDump) Yes Yes Yes Yes AIX, HP-UX, IRIX, Tru64 UNIX
Wireshark (formerly Ethereal) Yes Yes Yes Yes Yes AIX, HP-UX, IRIX, Tru64 UNIX
Xplico No No Yes No No No
justniffer No Yes Yes Yes Yes ?