A Packet Sniffer is a program that can record and filter network traffic on a machine or network switch.

Most of these programs (on Linux at least) use the pcap (Packet Capture) library.

Snort includes packet sniffing capabilities.

tcpdump(8) is a command line sniffer.

A pretty-yet-powerful packet sniffer is Wireshark (née Ethereal), which uses a point-and-click GUI.

Handy Hint: If you are on a "small footprint" machine where you have access to tcpdump but not Ethereal, you can run tcpdump with -w filename, and then load filename into Ethereal on another machine for a more detailed analysis.

See also packet(7).