How does packet sniffing work?

Tutorials | Dec 26, 2017 |

A trending subject in the security world is encryption. Encryption is used to prevent packet-sniffing (also known as packet capturing or packet analyzing) attacks. Sniffing occurs when an unauthorized third party captures network packets destined for machines other than their own. Packet sniffing enables the attacker to look at transmitted content and may disclose passwords and secret data.

To use sniffing software, a hacker must have a promiscuous network card and specific packet driver software must be connected to the network section they want to sniff and must use sniffer software. By default, a network interface card (NIC) in a machine will regularly drop any traffic not destined for it. By placing the NIC in promiscuous mode, it will see any packet passing by it on the network wire. In order for a sniffer to gain traffic, it must physically be capable of capturing it. On switched networks, where each network drop is its own collision domain, packet sniffing by attackers can be more complex, but not impossible.

Packet-sniffing attacks are more popular in areas where several machine hosts share the same collision domain (such as a local LAN shared over an Ethernet hub) or over the Internet where the attacker might include a sniffer in between the source and destination traffic. For example, on a LAN, a limited privileged user may sniff traffic starting from an administrative account, hoping to get the password.

There are many open source sniffing tools, including tcpdump (or WinDump, the Windows version) and the easier-to-use Ethereal (ethereal.com).

Keywords: package, sniff, lan, world


comments powered by Disqus

Page 1 of 406  >  >>

Visa, MasterCard and Uber invest in Facebook's crypto currency


Jun 18, 2019 | Category: General | Comments

May be announced next week.

read more…

Google boss annoyed at Apple


Jun 17, 2019 | Category: IT | Comments

Think they are portrayed as corrupt during the unveiling of "Sign in with Apple".

read more…

Telegram exposed to massive DDoS attacks - claims China is behind


Jun 16, 2019 | Category: General | Comments

Linked to the demonstrations in Hong Kong.

read more…

Page 1 of 406  >  >>