Packet analyzer

A packet analyzer (also known as a network analyzer, protocol analyzer or packet sniffer, or for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network.

Uses of packet analyzer:

• Analyze network problems
• Detect network intrusion attempts
• Detect network misuse by internal and external users
• Documenting regulatory compliance through logging all perimeter and endpoint traffic
• Gain information for effecting a network intrusion
• Isolate exploited systems
• Monitor WAN bandwidth utilization
• Monitor network usage (including internal and external users and systems)
• Monitor data-in-motion
• Monitor WAN and endpoint security status
• Gather and report network statistics
• Filter suspect content from network traffic
• Serve as primary data source for day-to-day network monitoring and management
• Spy on other network users and collect sensitive information such as login details or users cookies (depending on any content encryption methods that may be in use)
• Reverse engineer proprietary protocols used over the network
• Debug client/server communications
• Debug network protocol implementations
• Verify adds, moves and changes
• Verify internal control system effectiveness (firewalls, access control, Web filter, spam filter, proxy)

A list of few sniffers available for download from the Internet:
http://sectools.org/tag/sniffers/

Screenshots of major packet sniffer applications:


1) Wireshark:

http://upload.wikimedia.org/wikipedia/commons/0/03/Wireshark_screenshot.png

2) Cain and Abel:

http://www.ntpro.nl/blog/uploads/Cain.jpg

Source:

http://en.wikipedia.org/wiki/Packet_analyzer