Tcpdump is a command-line network sniffing and parsing tool that has been ported to several
platforms. Wireshark is similar to tcpdump, but it has a graphical user interface and many
advanced sorting and filtering options. Tcpdump is very economical in terms of memory, since its
installation file size is just 484 KB. However, tcpdump does not have a user-friendly graphical
user interface (GUI), so the user has to study its commands and get acquainted with a
command-prompt-like screen. This limitation plays a key role in it not being chosen for use. On
the other hand, Wireshark has a very user-friendly GUI, but its installation file size is 18 MB,
and after installation it consumes 81 MB in Windows and a hefty 449 MB in Linux. So in terms of
memory requirements, it is very expensive.
Psniffer is written in Java, unlike the other sniffers, which are written in C. The primary
motivation for Java was the need for a platform-independent (i.e., architecture-neutral)
language that could be used to create software to be embedded in various consumer electronic
devices. Java is a programmer's language that is cohesive and consistent; except for constraints
imposed by the Internet environment, Java gives the programmer full control. Finally, Java is to
Internet programming what C was to system programming.
It captures packets and records the size of each packet and the IP addresses of the source and
destination machines involved in the packet transfer. It shows this process graphically, along
with the working of the different layers. It gives complete information about the captured
packets, such as which layers are involved and which protocols are in use at a particular time.
Finally, it has a facility to store the packet information.
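
The per-packet information listed above (packet size, source and destination IP addresses, layers and protocols in use) can be recovered from a raw frame as in the following added Python example. It is not Psniffer's code (Psniffer is written in Java); the function names `dissect` and `sample_frame` and the frame contents are constructed for this illustration.

```python
import socket
import struct

IP_PROTOCOLS = {6: "TCP", 17: "UDP"}  # IPv4 protocol numbers handled here

def dissect(frame: bytes) -> dict:
    """Summarise one Ethernet frame: size, addresses, layers and protocols seen."""
    info = {"size": len(frame), "layers": [], "protocols": []}
    if len(frame) < 14:
        return info  # too short to hold an Ethernet header
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info["layers"].append("data link")
    info["protocols"].append("Ethernet")
    if ethertype != 0x0800 or len(frame) < 34:
        return info  # not IPv4, or the IPv4 header is truncated
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        return info  # malformed IPv4 header
    info["layers"].append("network")
    info["protocols"].append("IPv4")
    info["src_ip"] = socket.inet_ntoa(ip[12:16])
    info["dst_ip"] = socket.inet_ntoa(ip[16:20])
    proto = IP_PROTOCOLS.get(ip[9])
    segment = ip[ihl:]
    if proto and len(segment) >= 4:  # TCP and UDP both start with the two ports
        info["layers"].append("transport")
        info["protocols"].append(proto)
        info["src_port"], info["dst_port"] = struct.unpack("!HH", segment[:4])
    return info

def sample_frame() -> bytes:
    """Constructed Ethernet/IPv4/UDP frame (documentation addresses, zero checksums)."""
    payload = b"constructed"
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    return eth + struct.pack("!H", 0x0800) + ip + udp

if __name__ == "__main__":
    for key, value in dissect(sample_frame()).items():
        print(f"{key}: {value}")
```

A truncated capture yields only the layers that could be decoded, so a stored record never contains fields read past the end of the frame.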