Just found this comparative study of top 3 passive packet sniffers , Tcpdump VS. Wireshark VS. Colasoft Capsa

Packet Sniffer is a tool which captures all the packets on the network irrespective of the final destination of
the packet. Packet Sniffer could be used to monitor the bottlenecks in the network, alarm the irregular
behaviour in the network, capture passwords and VoIP from any system in that network. This paper gives a
brief introduction of what is a packet sniffer, its structure and what is its working. Then key features of top
packet sniffing tools (i.e. Wireshark, TCPdump and Colasoft Capsa) are discussed. Further, the above tools
are compared on the basis of characteristic behaviour and quantitative parameters. Finally, one gets the best
tool amongst these three in a particular situation.

Keywords: Packet Sniffer, Wireshark, Colasoft Capsa, TCPdump, Packet capture, Network monitoring


This study contains the introduction of packet sniffers , the key features of popular sniffers, characteristic evaluation
among TCPdump, Wireshark & Colasoft Capsa and many other useful information. I think this study is worth reading.

Related Links:

TCPdump : http://www.tcpdump.org/

Wireshark: http://www.wireshark.org/

Colasoft Capsa: http://www.colasoft.com/