Network Monitor / Sniffer Tool

[nord1899]

Anyone know of a good network monitor or sniffer tool, especially with regards to Packet Capture (especially HTTP)?

I need one for my job and was trying to investigate what to use and google gave me this site. Thats a big list to go thru so I was wondering if anyone here has any experience with these.

Free would be nice, but if its really good, I'm sure I could get the company to swing for it. Oh yeah, I need it to run on both Win2k and WinXP, but other platforms would be a nice bonus.

Just in case the mods thing I am trying to hack something, I work in support and the product I work on involves a client-server model. I need a tool like this to make sure that the communications are what I think they are before any processing gets done on them.

Thanks.

 

[Nothinman]

If you do a search here you'll probably find Ethereal as one of the most recommended. It's Free, Open Source and runs on win32 and most unixes. There's even an ncurses version for unix so you don't need a GUI to run it, which is nice.

The only problem may be that libpcap (the library it depends on to get the packets from the network) doesn't work on SMP Win32 boxes.

 

[Czar]

my favorite is called Iris, not sure who makes it then I tried another one yesterday called Sniffer from network accociates and it seems nice so far.

 

[nord1899]

Ethereal seems cool. But is there any way to get it to capture the loopback communications? The netmon tool I had from MS was able to do that, but my temp license for it expired and I have yet to find a way to get it reactivated.

 

[Nothinman]

It's probably a limitation of libpcap on win32, which Ethereal uses to actually intercept the packets from the network. libpcap was written for unix first and foremost, so that site of it gets the most attention.

 

[dayg]

try Wildpackets Etherpeek.