Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.
- - Wireshark is the most popular Windows, Mac & Linux alternative to tcpdump.
- - Wireshark is the most popular Open Source & free alternative to tcpdump.
Opinions about Wireshark as a Alternative to tcpdump
Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce.
tcpflow, a TCP Flow Recorder, is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but...
httpry is a tool designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse and/or log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process...
justniffer is a TCP sniffer. It reassembles and reorders packets and displays the tcp flow in a customizable way. It can log network traffic in web server log format. It can also log network services performances and extract http content.