Networks >> Protocol Analysis

Networks often have troubles, some caused by traffic, viruses, worms, etc. Many of these problems are hard to detect without tools that can show what is passing through the network. Many of these tools can be installed on a PC; others run on specialized computers. The tools that I show here are some that I have seen and tested once.

It's important to note that anyone who uses these tools must have high ethical values and responsibility, because they can show raw packets, which can contain very sensitive information, and THEY SHOULD NOT BE USED AS ESPIONAGE TOOLS.

These tools can be used in a wired LAN. The computer has to be connected to a hub or to the PORT MIRRORING port of a switch (this feature is not present in all switches). I don't know if these tools can be used in a wireless network.

TCPDUMP  

This Open Source software is very common on UNIX operating systems. It's a command-line program that shows the packets passing through the network. It's available at http://www.tcpdump.org/

Ethereal

This Open Source software is available for UNIX and Windows. It shows packets with decoding, filtering and statistics options in a friendly interface. It can be downloaded from http://www.ethereal.com/.

Iris Network Traffic Analyzer

This commercial software (with demo) has more functionality than Ethereal, such as filter saving, advanced statistics, packet reconstruction, packet capture, and others. It can be purchased from eEye Digital Security's website.

Etherpeek  

This commercial software (with demo) has more functions than Iris, with more metering, filter options, graphs, and more. It can be found at WildPackets's website.

Agilent Advisor

This is commercial software that comes in two versions: one that can be installed on any PC (Advisor Software Edition), and another that is a specialized portable computer that can analyze many network interfaces, including STM1, E1, etc. There is a trial version of the Software Edition, but universities can apply for a freeware edition that can be used as an educational tool. The main product website is here and the Software Edition is here.

Sniffer Portable  

Previously known as Sniffer PRO, this is commercial software that works like other protocol analyzers. For more information, visit Network General's website.

 

© 2002-2005 Rubén Cheng. Last Modified April 4th 2005