When it comes to sniffing packets, the tool I usually use is Ethereal, a fantastically powerful piece of software. Tony Howlett's book Open Source Security Tools: A Practical Guide to Security Applications covers Ethereal and many more. You can read a sample chapter, titled "Network Sniffers: Is Open Source Right for You?", online. In it, Howlett gives a great list explaining Ethereal's benefits over using straight tcpdump on the command line. Here's a brief outline of his list. After reading this, go check out the sample chapter & the book!

• Easy to use GUI
• More analytical & statistical options than command line
• Cleaner output format
• Supports over 300 network protocols
• Supports many physical network formats
• Interactively browse & sort captured data
• Save output in a variety of formats
• Display packets with color-coding
• Filter creation GUI makes it easy to create filters
• Follow a TCP stream & view it as a unified whole in ASCII
• Supports many capture programs, libraries, & hardware
• Save sessions in different formats
• Command-line terminal mode

(Check out all of our posts on Ethereal, tcpdump, and security.)