
Packet Sniffers
How to study this subject
A packet sniffer, also called a network analyzer, is a wire-tap device that plugs into computer networks and eavesdrops on the network traffic. Capturing the information going over the network is called sniffing. A "sniffing" program lets someone listen in on computer conversations. However, computer conversations consist of apparently random binary data. Therefore, network wiretap programs also come with a feature known as "protocol analysis", which allows them to "decode" the computer traffic and make sense of it.

These tools, known as network sniffers, are named after a product called the Sniffer Network Analyzer. Introduced in 1988 by Network General Corp. (now Network Associates Inc.), the Sniffer was one of the first devices that let managers sit at their desks and take the pulse of the larger network. The original sniffers read the message headers of data packets on the network, giving administrators details about the addresses of senders and receivers, file sizes and other low-level information about those packets, in addition to verifying transmission. Using graphs and text-based descriptions, sniffers helped network managers evaluate and diagnose performance problems with servers, the network wire, hubs and applications.
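The header decoding that "protocol analysis" refers to, shown as an added example (not code from the original page): it reads the Ethernet, IPv4 and TCP headers of one frame and verifies the IPv4 header checksum. The frame bytes, addresses and function names are constructed for illustration.

```python
import socket
import struct

# Constructed sample: one Ethernet II frame carrying IPv4/TCP with a 4-byte payload.
# Addresses are documentation values; the TCP checksum is left zero and not verified.
SAMPLE_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"                    # dst MAC, src MAC, EtherType
    "4500002c" "00010000" "4006f6ac" "c000020a" "c0000214"  # IPv4 header
    "c0000050" "00000001" "00000000" "50182000" "00000000"  # TCP header
    "70696e67"                                              # payload
)

def ipv4_checksum_ok(header: bytes) -> bool:
    """One's-complement sum of all 16-bit words (checksum included) must be 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def decode_frame(frame: bytes) -> dict:
    """Turn raw frame bytes into the fields an analyzer shows an administrator."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"src_mac": src.hex(":"), "dst_mac": dst.hex(":"), "ethertype": ethertype}
    if ethertype != 0x0800:          # only IPv4 is decoded further in this example
        return info
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (ip[0] & 0x0F) * 4         # header length in bytes; options make it > 20
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("invalid IPv4 header length")
    total_len = struct.unpack("!H", ip[2:4])[0]
    info.update(src_ip=socket.inet_ntoa(ip[12:16]), dst_ip=socket.inet_ntoa(ip[16:20]),
                protocol=ip[9], ip_total_length=total_len,
                checksum_ok=ipv4_checksum_ok(ip[:ihl]))
    if ip[9] == 6 and len(ip) >= ihl + 20:      # protocol 6 = TCP
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
        data_offset = (ip[ihl + 12] >> 4) * 4   # TCP header length in bytes
        info.update(src_port=sport, dst_port=dport,
                    payload_length=total_len - ihl - data_offset)
    return info

if __name__ == "__main__":
    for field, value in decode_frame(SAMPLE_FRAME).items():
        print(f"{field:16} {value}")
```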
Sniffers help keep networks humming, but they can also be used by hackers to uncover user names and passwords from data packets traveling across public or private WANs. Encrypting the headers of data packets (using the Secure Sockets Layer standard in browser-based environments, for example) thwarts sniffer-assisted password theft.
Sniffing also has one advantage over telephone wiretaps: many networks use "shared media". Sharing means that computers can receive information that was intended for other machines. This means that you don't need to break into a wiring closet to install your wiretap; you can do it from almost any network connection to eavesdrop on your neighbors. However, this "shared" technology is moving quickly toward "switched" technology, where this will no longer be possible, which means you will have to actually tap into the wire.
A sniffer being used on a network to snoop passwords and anything else is considered to be a passive attack. A passive attack is one that doesn't directly intrude onto a foreign network or computer. An active attack, on the other hand, directly interfaces with a remote machine. Remote buffer overflows, network floods and other similar attacks fall under the category of active attacks. By nature, passive attacks are not meant to be discovered by the person(s) being attacked. At no point should they have any indication of your activity. This makes sniffers just as serious as any active attack.