The packet sniffer is a hacker technique that captures the data packets passing through a particular network interface. Its just like the wire tapping applied to a computer network. The Ethernet technology makes the information pass through all of the hosts attached to that segment. The popularity of switches installation made the packet sniffing a difficult job but packet sniffers can be installed at the routers and the servers that traverse a large data flow. The packets sniffers sniff through a lot of protocols. This hacking technique is difficultly detectable but detectable. The packet sniffing is a passive attack. It catches the incoming traffic so there is no erroneous traffic to look for which will identify the computer running a packet sniffer. Most of the remote sniffers use SNMP to sniff the packets because it has weak authentication.
Purpose of packet sniffing
The general purpose of the packet sniffing is to analyze the packets flow and the nature of data travelling. These packets can be captured too. Within a certain range the username and password is transmitted in a clear text unencrypted, this information can be stolen and manipulated.
Ethical packet sniffing
Packet sniffing can be deliberately installed at the network to monitor and analyze the network traffic. Usually the administrator is the legitimate user performing the packet sniffing of the entire segment or the subnet for security reasons. This is a very effective technique to point out the erroneous packets and bottlenecks in the network. These problems can be figured in time to facilitate efficient data transmission. Ethereal is a good packet sniffer and the monitor. Most of the corporate have ‘Distributed Sniffer Servers’ installed that are set up with easily guessable passwords.