RawCap is a tiny (17KB) command line packet sniffer for Windows that uses raw sockets.
The program is straightforward to use. Just launch it, choose your network interface from a list, enter an output file name if you like, and that's it: RawCap will capture all network traffic. Press Ctrl+Break when you're finished to make it stop.
Or, if you'd rather not use RawCap's interactive mode, you can provide your interface IP address and output file name at the command line, something like RawCap.exe 192.168.0.17 dumpfile.pcap
While there are plenty of packet sniffers around, RawCap wins out over many due to its sheer simplicity. It's small, needs no external support beyond .NET 2.0, makes minimal demands on RAM and your CPU, and yet works with most interface types (including wifi and PPP).
You do need administrative privileges to run RawCap, though. And as the authors note, raw socket sniffing in Windows Vista or higher can be unreliable: "you might not receive either incoming packets (Win7/8) or outgoing packets (Vista)" (XP works fine). Still, it's free, and easy to use - just download the program and see if it works for you.
Verdict:
A handy utility that deserves a place in every network geek's troubleshooting toolkit
Your Comments & Opinion
Monitor your network traffic in detail with this interesting forensic tool
Monitor and save your network traffic
Quickly view and edit your Windows network settings
Capture email/ web/ FTP passwords from network traffic
Recover lost passwords from network traffic
A powerful and flexible backup tool to protect your files for free
Cut down on repetitive typing - and typos - with this versatile keyboard macro tool
Quickly preview all your fonts on a single page
Protect your personal privacy with this exceptionally thorough portable security tool
Find out everything you'll ever need to know about your PC with this comprehensive system information tool
Minor update to the popular email client, but with a limited number of new features