A network sniffer is an essential tool for any system or network administrator. The famous Ethereal, long used on Linux, now has a nice GUI (also for Windows), a different name (Wireshark) and a new company behind it.
Wireshark works by catching all the traffic on one or more interfaces. To catch all the traffic on your network, set Wireshark to “promiscuous mode”. For Linux users, many distributions have it preinstalled, or you can look for it in your distro's package manager (apt-get, Synaptic (APT GUI)). You can also download it from the project’s website: http://www.wireshark.org/download.html.
There’s a new installation package for Windows and I’ve just updated mine, which used to crash and now works perfectly.
Wireshark has many features, and one of the most useful is TCP stream tracking (Analyze/Follow TCP Stream), which lets you follow complete TCP sessions. For more information and downloads, go to the project’s website: http://www.wireshark.org
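What Follow TCP Stream does conceptually, as an added example (not Wireshark's code and not from the original post): group captured segments by connection direction and put the payloads back in sequence-number order. The packets, addresses and function names are constructed for illustration, and sequence-number wraparound is assumed not to occur.

```python
import struct
from collections import defaultdict

def build_packet(src, dst, sport, dport, seq, payload):
    """Constructed sample data: minimal IPv4+TCP packet, checksums left at zero."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return ip + tcp

def parse_packet(pkt):
    """Return ((src, sport, dst, dport), seq, payload) for IPv4/TCP, else None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    ihl = (pkt[0] & 0x0F) * 4                      # IP header length in bytes
    tcp = pkt[ihl:struct.unpack("!H", pkt[2:4])[0]]
    if len(tcp) < 20:
        return None
    sport, dport, seq = struct.unpack("!HHI", tcp[:8])
    key = (".".join(map(str, pkt[12:16])), sport, ".".join(map(str, pkt[16:20])), dport)
    return key, seq, tcp[(tcp[12] >> 4) * 4:]      # skip TCP header and options

def follow_streams(packets):
    """Rebuild each direction's byte stream in sequence order, skipping retransmitted bytes."""
    segments = defaultdict(list)
    for pkt in packets:
        parsed = parse_packet(pkt)
        if parsed and parsed[2]:                   # ignore non-TCP packets and empty ACKs
            segments[parsed[0]].append(parsed[1:])
    streams = {}
    for key, items in segments.items():
        items.sort()                               # assumption: no 32-bit sequence wraparound
        out, expected = b"", items[0][0]
        for seq, data in items:
            if seq + len(data) <= expected:
                continue                           # pure retransmission, bytes already seen
            out += data[max(0, expected - seq):]   # trim overlap; a gap is stepped over
            expected = seq + len(data)
        streams[key] = out
    return streams

# Constructed capture: the request arrives out of order, with one retransmission.
SAMPLE = [
    build_packet("10.0.0.5", "10.0.0.9", 40000, 80, 1016, b"HTTP/1.1\r\n\r\n"),
    build_packet("10.0.0.5", "10.0.0.9", 40000, 80, 1000, b"GET /index.html "),
    build_packet("10.0.0.9", "10.0.0.5", 80, 40000, 5000, b"HTTP/1.1 200 OK\r\n\r\n"),
    build_packet("10.0.0.5", "10.0.0.9", 40000, 80, 1000, b"GET /index.html "),
]
```

Calling `follow_streams(SAMPLE)` returns one reassembled byte string per direction of the connection.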
Linux Magazine issue 80 (July 07) has a nice article on it: http://www.linux-magazine.com/issue/80