Comparison of packet analyzers
The following tables compare general and technical information for several packet analyzer software utilities. Please see the individual products' articles for further information.
General information
Basic general information about the software—creator/company, license/price, etc.
Operating system support
The utilities can run on these operating systems.
| Client | Microsoft Windows | OS X | Linux | BSDs | Solaris | Other |
|---|---|---|---|---|---|---|
| Cain and Abel | Yes | No | No | No | No | No |
| Capsa Free Edition | Yes | No | No | No | No | No |
| Carnivore | Yes | No | No | No | No | No |
| Clarified Analyzer | Yes | Yes | Yes | No | No | ? |
| Clusterpoint Network Traffic Surveillance System |
Yes | Yes | Yes | Yes | No | Any virtual-machine compatible OS |
| CommView | Yes | No | No | No | No | No |
| dSniff | ? | Yes | Yes | Yes | Yes | ? |
| EtherApe | No | Yes | Yes | Yes | Yes | ? |
| Ettercap | Yes | Yes | Yes | Yes | Yes | ? |
| justniffer | No | Yes | Yes | Yes | Yes | ? |
| Kismet | Yes | Yes | Yes | Yes | ? | ? |
| LANMeter | No | No | No | No | No | Fluke proprietary hardware |
| netsniff-ng | No | No | Yes | No | No | No |
| ngrep | Yes | Yes | Yes | Yes | Yes | AIX, BeOS, HP-UX, IRIX, Tru64 UNIX |
| Microsoft Network Monitor | Yes | No | No | No | No | No |
| Observer | Yes | No | No | No | No | No |
| OmniPeek (formerly AiroPeek, EtherPeek) | Yes | No | No | No | No | No |
| SteelCentral Transaction Analyzer | Yes | Version 3.5 capture agents on PowerPC only | GUI, plus version 3.5 capture agents | No | Version 3.5 capture agents on SPARC only | Version 3.5 capture agents on AIX and PA-RISC HP-UX only |
| snoop | No | No | No | No | Yes | No |
| tcpdump | Yes (WinDump) | Yes | Yes | Yes | Yes | AIX, HP-UX, IRIX, Tru64 UNIX |
| Wireshark (formerly Ethereal) | Yes | Yes | Yes | Yes | Yes | AIX, HP-UX, IRIX, Tru64 UNIX |
| Xplico | No | No | Yes | No | No | No |