Do you know what packet sniffing is? Most of us might have heard this term either from a crazy hack-fiction movie or some report on malicious network attacks. Well, judging by the name, it’s quite natural that we relate packet sniffing to something malicious but it’s not quite right when you understand it deeply. A sniffing tool or packet sniffer is a common accessory for network experts, security advisors to analyze the network and diagnose any network related issues or malicious breaches in the network. Below are 3 of the best free sniffing tools or packet sniffers for Windows PCs.
While some of the malicious hackers use packet sniffers for analyzing someone else’s traffic and collecting sensitive information like passwords from your network bridge. In this article, I won’t be covering how to attack your neighbor with these packet sniffing tools but will give you some basic intro on how these tools work and some free packet sniffing tools for Windows PC. If you want to view the Wi-Fi password of the connected networks on Windows 10, read our tutorial.
How do Sniffing Tools Work?
A packet sniffer can view and analyze a wide variety of information that is being transmitted over the network and its connected nodes. A packet sniffer can either be software or hardware depending on the network infrastructure and can analyze sensitive information like usernames & passwords. They scan both inbound and outbound traffic for all the information transmitted over the network. When the data passes through the system, it captures and stores it in memory to analyze it later.
The analyzed data is then converted to a human-readable format so that the network experts can analyze the faults in their network. In layman terms, a packet analyzer is powerful enough to analyze all computers connected to a network and retrieve information like email contacts, messages, download history, browsing history and all audio/video activity on the network. There are many types of packet sniffing tools like ARP sniffing, IP sniffing, MAC sniffing, etc.
So, technically, you can view and monitor all that is happening on your network. It’s pretty good to see who in your network is consuming more network traffic and what websites they’re visiting. Let’s see some free packet sniffing tools for Windows PC which are pretty powerful for home networks.
The below-listed packet sniffing tools are free to use but come with an advisory tag not to use it for malicious purposes.
1. WireShark Packet Sniffer
Wireshark is the most popular free packet sniffing tool for Windows and comes as both freeware and premium software with annual subscriptions. This tool is quite popular for its accuracy and flexibility and will give you an ability to see what’s happening on your network at a microscopic level.
Here are some of its popular features.
- Deep inspection of hundreds of protocols, with more being added all the time, thanks to the huge developer community.
- Live capture and offline analysis.
- Standard three-pane packet browser.
- Multi-Platform support. Apart from Windows, this tool can run on other operating systems such as Linux, OS X, Solaris, FreeBSD, NetBSD, and many other platforms.
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.
- Rich VoIP analysis.
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.
- Coloring rules can be applied to the packet list for quick, intuitive analysis.
- Output can be exported to XML, PostScript®, CSV, or plain text.
You can download this awesome tool from the official website – wireshark.org
2. Smart Sniff
Smart Sniff is another popular packet sniffing tool for Windows which captures TCP/IP packets that pass through your network adapter. The captured data is displayed as a sequence of communications between client and server. You can view the output either in ASCII mode or as a hex dump. In order to use this utility, you need to install some compatible drivers on your PC which are loaded by the tool itself.
However, if you’re using some legacy OS like Windows 2000/2003/XP, you need to install the driver yourself. The unique feature of this tool is it supports a wide range of Windows platforms but there are some limitations on older platforms. You can download the Smart Sniff packet sniffing tool from the official website.
3. Microsoft Message Analyzer Sniffing Tool
If you’re worried about the authenticity of the above tools, Microsoft has its own packet analyzing tool known as Microsoft Message Analyzer. It is the successor of the popular “Microsoft Network Monitor” with some advanced upgrades. With Message Analyzer, you can capture live data or retrieve archived message collections from saved files such as traces and logs. Message Analyzer lets you view data in a default tree grid view or in selectable graphical views which include grids, charts, and timeline visualizer components.
Here are some of the features of the Message Analyzer as per the Microsoft blog.
- Integrated “live” event and message capture at various system levels and endpoints
- Parsing and validation of protocol messages and sequences
- Automatic parsing of event messages described by ETW manifests
- Summarized grid display – top level is “operations”, (requests matched with responses)
- User-controlled “on the fly” grouping by message attributes
- Ability to browse for logs of different types (.cap, .etl, .txt) and import them together
- Automatic re-assembly and ability to render payloads
- Ability to import text logs, parsing them into key element/value pairs
- Support for “Trace Scenarios” (one or more message providers, filters, and views)
You can download it Message Analyzer along with the required components for your version of the Windows operating system.
Update: Message Analyzer has been discontinued by Microsoft. The above download link will take you to the web archive page where you can still download it but we can’t tell for how long that link will work.