When Should We Use It?
With Wireshark: Say, for instance, you want to know why a site is slow. By capturing packets with Wireshark, you can tell whether there are delays in the communication between your computer and the web server.
With tcpdump: Your server may show unexpected network activity. tcpdump can capture the packets on the server's network interface, so you can see whether there is suspicious traffic.
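As an added example (not from the original article), this Python script parses text saved from `tcpdump -nn -tt` and lists traffic that does not involve the server's expected listening ports. The sample lines, the server address 10.0.0.5 and the allowed ports 22 and 443 are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -nn -tt` text output (not a real capture).
SAMPLE = """\
1700000000.000100 IP 203.0.113.7.51514 > 10.0.0.5.443: Flags [S], seq 100, win 64240, length 0
1700000000.000300 IP 10.0.0.5.443 > 203.0.113.7.51514: Flags [S.], seq 900, ack 101, win 65160, length 0
1700000000.050000 IP 203.0.113.7.51514 > 10.0.0.5.443: Flags [P.], seq 101:618, ack 901, win 502, length 517
1700000001.200000 IP 10.0.0.5.40022 > 198.51.100.9.6667: Flags [S], seq 5, win 64240, length 0
1700000001.260000 IP 198.51.100.9.6667 > 10.0.0.5.40022: Flags [S.], seq 77, ack 6, win 65160, length 0
1700000001.300000 IP 10.0.0.5.40022 > 198.51.100.9.6667: Flags [P.], seq 6:126, ack 78, win 502, length 120
1700000002.000000 ARP, Request who-has 10.0.0.1 tell 10.0.0.5, length 28
"""

# Matches IPv4 TCP/UDP lines: "<ts> IP <src>.<sport> > <dst>.<dport>: <rest>"
LINE = re.compile(
    r"^(?P<ts>\d+\.\d+) IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<rest>.*)$")
LENGTH = re.compile(r"length (\d+)")

def unexpected_flows(text, server_ip, allowed_ports):
    """Summarise traffic that does not touch one of the server's allowed
    listening ports. Returns {(remote_ip, remote_port): (packets, bytes)}."""
    flows = defaultdict(lambda: [0, 0])
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # ARP, IPv6 and other line shapes are ignored here
        if m["src"] == server_ip:
            local_port, remote = int(m["sport"]), (m["dst"], int(m["dport"]))
        elif m["dst"] == server_ip:
            local_port, remote = int(m["dport"]), (m["src"], int(m["sport"]))
        else:
            continue  # packet is neither to nor from this server
        if local_port in allowed_ports:
            continue  # expected service traffic (here: SSH and HTTPS)
        size = LENGTH.search(m["rest"])
        flows[remote][0] += 1
        flows[remote][1] += int(size.group(1)) if size else 0
    return {remote: tuple(counts) for remote, counts in flows.items()}

if __name__ == "__main__":
    hits = unexpected_flows(SAMPLE, "10.0.0.5", {22, 443})
    for (ip, port), (pkts, nbytes) in hits.items():
        print(f"review: {ip}:{port} packets={pkts} payload_bytes={nbytes}")
```

Both directions of a conversation are counted under the same remote endpoint, so an outbound connection from the server and the replies to it appear as one entry to review.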
Packet Sniffing and Network Analysis Tools: Wireshark, tcpdump
Packet sniffing means intercepting data packets as they pass through a network, much like looking inside envelopes in the mail. Experts use tools like Wireshark and tcpdump to track, troubleshoot, or secure networks. The packet analyzer Wireshark, or just Shark for short, functions as a magnifying glass: it captures and organizes the packets so you can comb through them to find bugs and hunt down malicious programs. tcpdump is even faster than Wireshark at grabbing data off the wire. It doesn’t have an interface but In general, packet sniffing tools offer close monitoring of network data flow and help protect networks.