Packet Capture and Decode - In this mode, Network Spy can be used to get
a snapshot of data from an Ethernet network. It is capable of decoding
the most widely used IP protocols such as UDP, TCP and ICMP. It also
allows you to save this data for later analysis. The decoded packets are
displayed in human-readable form.
Network Statistics Gathering - In this mode, the amount of data
attributed to a certain activity can be captured. For instance, if you
want to monitor how much data is transferred between user x and
excite.com, you can specify a rule to keep track of the amount of this
data. Another example is keeping track of how much FTP data flows on
your network.
Software Debugging - People programming network software and web
applications will find this tool extremely useful. It can be used to
debug applications to find errors in code, compute bandwidth utilization
and find bottlenecks.
Intrusion Detection and Activity Monitoring - Using the new
rules-based filtering mechanism, one can capture only the packets of
interest, avoiding a huge capture of all packets on the network. A rule
specifies a pattern to match. For instance, one could specify to capture
all ICMP packets where TTL=1. This would be true when someone is
performing a traceroute. Similarly, you could specify a rule to capture
all TCP packets where the destination port is 23 and the SYN flag is set
to see how many telnet connections are being established. Network
Spy also includes various other tools such as DNS Lookup, Ping,
TraceRoute and Whois to aid in everyday tasks.
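
The two example rules above, written out as an added Python sketch over
raw IPv4 packets. This is not Network Spy's rule syntax or code; the
rule names, helper functions and sample packets are constructed for
illustration.

```python
import struct

ICMP, TCP, SYN = 1, 6, 0x02   # IP protocol numbers and the TCP SYN flag bit

def parse_ipv4(pkt):
    """Decode only the fields the two rules need; None if not usable IPv4."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4                      # IP header length in bytes
    if ihl < 20 or len(pkt) < ihl:
        return None
    frag_off = struct.unpack("!H", pkt[6:8])[0] & 0x1FFF
    f = {"ttl": pkt[8], "proto": pkt[9], "dport": None, "flags": 0}
    # TCP ports and flags are only present in the first fragment.
    if f["proto"] == TCP and frag_off == 0 and len(pkt) >= ihl + 14:
        f["dport"] = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
        f["flags"] = pkt[ihl + 13]
    return f

def match_rules(pkt):
    """Return the (hypothetical) names of the rules a packet matches."""
    f = parse_ipv4(pkt)
    if f is None:
        return []
    hits = []
    if f["proto"] == ICMP and f["ttl"] == 1:
        hits.append("icmp-ttl-1")                  # traceroute-style probe
    if f["proto"] == TCP and f["dport"] == 23 and f["flags"] & SYN:
        hits.append("telnet-syn")                  # telnet connection attempt
    return hits

def build_ip(proto, ttl, payload):
    """Constructed sample packet: minimal IPv4 header, checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       ttl, proto, 0, bytes([192, 0, 2, 1]),
                       bytes([192, 0, 2, 2])) + payload

def tcp_segment(dport, flags):
    """Constructed 20-byte TCP header with the given port and flags."""
    return struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, flags, 8192, 0, 0)

ICMP_ECHO = struct.pack("!BBHHH", 8, 0, 0, 1, 1)   # constructed echo request

if __name__ == "__main__":
    samples = [build_ip(ICMP, 1, ICMP_ECHO), build_ip(ICMP, 64, ICMP_ECHO),
               build_ip(TCP, 64, tcp_segment(23, SYN)),
               build_ip(TCP, 64, tcp_segment(80, SYN))]
    for s in samples:
        print(match_rules(s))
```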