Comparison of packet analyzers
The following tables compare general and technical information for several packet analyzer software utilities, also known as network analyzers or packet sniffers. Please see the individual products' articles for further information.
General information
Basic general information about the software—creator/company, license/price, etc.
| Client | Creator | Latest release | User interface | Software license | Cost |
|---|---|---|---|---|---|
| Analyze This | Comoe Networks | | Web GUI | N/A | ? |
| Cain and Abel | Massimiliano Montoro | 4.9.56 / April 7, 2014 | GUI | Freeware | Free |
| Capsa | Colasoft | 10.0 / July 26, 2017[1] | GUI | Proprietary | $0-$995, depending on version[2] |
| Carnivore | Federal Bureau of Investigation | ? | ? | N/A | ? |
| Charles Web Debugging Proxy | Karl van Randow | 4.1.4 / July 10, 2017 | GUI | ? | $30-$50 (Free Trial) |
| Clarified Analyzer | Clarified Networks | | GUI | Proprietary | Non-free |
| Clusterpoint Network Traffic Surveillance System | Clusterpoint | | web GUI | Proprietary | ? |
| CommView | TamoSoft | 6.5 | GUI | Proprietary | $299-$599, $149 1 year subscription |
| Debookee | iwaxx | 6.0.0b2 (2278) / July 21, 2017[3] | GUI | Proprietary | $29.90-$69.90 |
| dSniff | Dug Song | 2.3 / December 17, 2000[4] | CLI | BSD License | Free |
| EtherApe | Juan Toledo | 0.9.14 / February 6, 2016[5] | GUI | GNU General Public License | Free |
| Ettercap | ALoR and NaGA | 0.8.2-Ferri / March 14, 2015[6] | Both | GNU General Public License | Free |
| Fiddler | Eric Lawrence | 4.6.3.50306 / 9 December 2016 | GUI | Freeware | Free |
| justniffer | The Justniffer team | 0.5.15 / March 21, 2016[7] | CLI | GNU General Public License | Free |
| Kismet | Mike Kershaw (dragorn) | 2016-01-R1 / January 31, 2016[8] | CLI | GNU General Public License | Free |
| Microsoft Message Analyzer | Microsoft | 1.4 / October 28, 2016[9] | GUI | Proprietary | Free |
| Microsoft Network Monitor | Microsoft | 3.4 / June 24, 2010 | GUI | Proprietary | Free |
| netsniff-ng | Daniel Borkmann | 0.6.2 / November 7, 2016 | CLI | GNU General Public License | Free |
| ngrep | Jordan Ritter | 1.45 (11/18/06) | CLI | BSD-style | Free |
| Observer | Viavi Solutions (formerly Network Instruments) | | GUI | Proprietary | Price on request |
| OmniPeek (formerly AiroPeek, EtherPeek) | Savvius (formerly WildPackets) | 9.2 / May 27, 2016 | GUI | Proprietary | $1194-$5994, depending on version[10] |
| SteelCentral Transaction Analyzer | OPNET Technologies/Riverbed Technology | 17.0.T-PL1 / June 9, 2014[11] | GUI | Proprietary | Non-free |
| snoop | Sun Microsystems | Solaris 10 / December 11, 2006 | CLI | CDDL | Free |
| tcpdump | The Tcpdump team | 4.8.1 / October 25, 2016[12] | CLI | BSD License | Free |
| Wireshark (formerly Ethereal) | The Wireshark team | 2.4.0 / July 19, 2017[13] | Both | GNU General Public License | Free |
| Xplico | The Xplico team | 1.2.0 / February 1, 2017[14] | Both | GNU General Public License | Free |
Operating system support
The utilities can run on these operating systems.
| Client | Microsoft Windows | macOS | Linux | BSDs | Solaris | Other |
|---|---|---|---|---|---|---|
| Cain and Abel | Yes | No | No | No | No | No |
| Capsa Free Edition | Yes | No | No | No | No | No |
| Carnivore | Yes | No | No | No | No | No |
| Charles Web Debugging Proxy | Yes | Yes | Yes | ? | ? | ? |
| Clarified Analyzer | Yes | Yes | Yes | No | No | ? |
| Clusterpoint Network Traffic Surveillance System | Yes | Yes | Yes | Yes | No | Any virtual-machine compatible OS |
| CommView | Yes | No | No | No | No | No |
| Debookee | No | Yes | No | No | No | No |
| dSniff | ? | Yes | Yes | Yes | Yes | ? |
| EtherApe | No | Yes | Yes | Yes | Yes | ? |
| Ettercap | Yes | Yes | Yes | Yes | Yes | ? |
| justniffer | No | Yes | Yes | Yes | Yes | ? |
| Kismet | Yes | Yes | Yes | Yes | ? | ? |
| LANMeter | No | No | No | No | No | Fluke proprietary hardware |
| netsniff-ng | No | No | Yes | No | No | No |
| ngrep | Yes | Yes | Yes | Yes | Yes | AIX, BeOS, HP-UX, IRIX, Tru64 UNIX |
| Microsoft Network Monitor | Yes | No | No | No | No | No |
| Observer | Yes | No | No | No | No | No |
| OmniPeek (formerly AiroPeek, EtherPeek) | Yes | No | No | No | No | No |
| SteelCentral Transaction Analyzer | Yes | Version 3.5 capture agents on PowerPC only | GUI, plus version 3.5 capture agents | No | Version 3.5 capture agents on SPARC only | Version 3.5 capture agents on AIX and PA-RISC HP-UX only |
| snoop | No | No | No | No | Yes | No |
| tcpdump | Yes (WinDump) | Yes | Yes | Yes | Yes | AIX, HP-UX, IRIX, Tru64 UNIX |
| Wireshark (formerly Ethereal) | Yes | Yes | Yes | Yes | Yes | AIX, HP-UX, IRIX, Tru64 UNIX |
| Xplico | No | No | Yes | No | No | No |
Features
| Client | Process grouping | Monitor mode | Capture filter |
|---|---|---|---|
| Wireshark | ? | ? | ? |
References
1. "News Center - Colasoft". www.colasoft.com. Retrieved 2017-08-10.
2. "Capsa Enterprise Edition & Professional Edition & Free Edition - Colasoft".
3. "Release History". debookee.com. Retrieved 2017-08-10.
4. "CHANGES". www.monkey.org.
5. "EtherApe, a graphical network monitor". etherape.sourceforge.net. Retrieved 2016-12-13.
6. "Downloads « Ettercap". ettercap.github.io. Retrieved 2015-12-11.
7. "justniffer - Browse /justniffer at SourceForge.net". sourceforge.net. Retrieved 2016-12-13.
8. "Kismet". www.kismetwireless.net. Retrieved 2016-06-03.
9. https://www.microsoft.com/en-us/download/details.aspx?id=44226
10. "store.savvius.com".
11. https://support.riverbed.com/content/support/software/steelcentral-npm/transaction-analyzer.html
12. tcpdump. "Tcpdump/Libpcap public repository". www.tcpdump.org. Retrieved 2016-12-13.
13. https://www.wireshark.org/news/20170719.html
14. https://www.xplico.org/archives/1513