A network analyzer (also known as a packet analyzer, packet sniffer, or protocol analyzer) is software that intercepts and logs traffic that passes over a computer network or part of a network. Packet capture is the process of intercepting and logging traffic. As data streams flow across the network, the analyzer captures each packet and, if needed, decodes the packet’s raw data, showing the values of various fields in the packet, and analyzes its content according to the appropriate RFC or other specifications.
Maintaining a live network is one of a system administrator’s most essential tasks, and keeping a watchful eye over connected systems is essential to keeping a network functioning at its best.
A good network analyzer helps a network developer with daily Linux plumbing. They can be used for network development, debugging, analysis, auditing or network reconnaissance.
Here’s our verdict on the finest network analyzers, captured in a LinuxLinks ratings chart. We only feature free and open source software here.
Let’s explore the 16 network analyzers. For each application we have compiled its own portal page, a full description with an in-depth analysis of its features, together with links to relevant resources.
| Network Analyzers | |
|---|---|
| Wireshark | Network protocol analyzer with a rich and powerful feature set |
| IPTraf-ng | Feature-laden network statistic monitoring tool |
| Ettercap | Comprehensive suite for man in the middle attacks |
| Kismet | Wireless network and device detector, sniffer, wardriving tool, WIDS framework |
| netsniff-ng | Swiss army knife for daily Linux network plumbing |
| darkstat | Captures network traffic, calculates usage statistics, and serves reports over HTTP |
| EtherApe | Graphical network monitor |
| justniffer | Network TCP packet sniffer with reliable TCP flow rebuilding |
| tcpflow | TCP/IP packet demultiplexer |
| tcpdump | Powerful and hugely respected command-line packet analyzer |
| sniffglue | Packet sniffer written in Rust |
| sniffer | Alternative network traffic sniffer |
| dsniff | Collection of tools for network auditing and penetration testing |
| ngrep | grep applied to the network layer |
| sniffit | CORBA based sniffer system with ncurses interactive mode |
| Jomon | Network forensics and sniffer tool |
This article has been revamped in line with our recent announcement.
 Read our complete collection of recommended free and open source software. Our curated compilation covers all categories of software. The software collection forms part of our series of informative articles for Linux enthusiasts. There are hundreds of in-depth reviews, open source alternatives to proprietary software from large corporations like Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. There are also fun things to try, hardware, free programming books and tutorials, and much more. |