I've recently made a complete switch to linux (with the exception of my windows VM's of course). So perusing the open source community has been tons of fun and enlightening. My question is about the linux communities favorite network sniffers/protocol analyzers. I got really excited about ettercap, but I've run into several issues while running it in 9.04. I'm assuming these issues are due to ettercaps age and lack of updates for the past few years. I have played around with wireshark as well, but would prefer something with a simpler interface. Does anyone have any suggestions?

Tcpdump and everything based on it. Read the man page - pretty simple.

There is wireshark and its terminal counterpart tshark.

There is wireshark and its terminal counterpart tshark.


I have used Wireshark for around a year now, under Ubu and Vista.

Still dont know how to use all its functionality, but for keeping an eye on things ingeneral, it works fine for me.