RawCap is a tiny (17KB) command line packet sniffer for Windows that uses raw sockets.
The program is straightforward to use. Just launch it, choose your network interface from a list, enter an output file name if you like, and that's it: RawCap will capture all network traffic. Press Ctrl+Break when you're finished to make it stop.
Or, if you'd rather not use RawCap's interactive mode, you can provide your interface IP address and output file name at the command line, something like RawCap.exe 192.168.0.17 dumpfile.pcap
While there are plenty of packet sniffers around, RawCap wins out over many due to its sheer simplicity. It's small, needs no external support beyond .NET 2.0, makes minimal demands on RAM and your CPU, and yet works with most interface types (including wifi and PPP).
You do need administrative privileges to run RawCap, though. And as the authors note, raw socket sniffing in Windows Vista or higher can be unreliable: "you might not receive either incoming packets (Win7/8) or outgoing packets (Vista)" (XP works fine). Still, it's free, and easy to use - just download the program and see if it works for you.
Verdict:
A handy utility that deserves a place in every network geek's troubleshooting toolkit
Your Comments & Opinion
Monitor your network traffic in detail with this interesting forensic tool
Monitor and save your network traffic
Quickly view and edit your Windows network settings
Capture email/ web/ FTP passwords from network traffic
Recover lost passwords from network traffic
A powerful and flexible backup tool to protect your files for free
Major update to the portable version of the popular email client, but with a limited number of new features
Record which PC programs you're using, and for how long
Wireshark provides detailed information about network traffic and usage through deep analysis
The latest stable Chrome Portable includes a number of under-the-hood improvements
The latest stable Chrome Portable includes a number of under-the-hood improvements