Network security scanners – Wireshark, KisMAC and Kismet
Wireshark: Probably the best … sniffer in the world
Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is an fabulous open source network protocol analyzer for Unix and Windows. It allows you to examine information from a live network or from a capture file on disk. you can interactively browse the capture information, delving down in to just the level of packet detail you require. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be cautious of running it on untrusted or hostile networks (such as security conferences).
This popular stumbler for Mac OS X offers plenty of of the features of its namesake Kismet, though the codebase is entirely different. Unlike console-based Kismet, KisMAC offers a GUI & was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import & logging, & even some decryption & deauthentication assaults.
Kismet is an console (ncurses) based 802.11 layer2 wireless network detector, sniffer, & intrusion detection process. It identifies networks by passively sniffing (as against more active tools such as NetStumbler), & can even decloak hidden (non-beaconing) networks in the event that we’re in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, & DHCP packets, log traffic in Wireshark/TCPDump compatible format, & even plot detected networks & estimated ranges on downloaded maps. As you might expect, this device is usually used for wardriving.