Any time I need network analysis I turn to Wireshark. Wireshark is, in my opinion, the de facto standard for network protocol analyzers. Not only is it incredibly powerful, useful, and user-friendly, it is also FREE! But what exactly is Wireshark? Simple: Wireshark is a network protocol analyzer that watches and logs all incoming and outgoing traffic as defined by your needs. This tool can not only read traffic live, it can also read traffic from a previous dump, and it can read files from other applications such as tcpdump and Microsoft Network Analyzer.
Wireshark also offers some really great tools that help make your network analysis much easier. I will highlight two of these tools (Filters and Expert Infos) in this tutorial.

The link for this article located at ghacks is no longer available.