About Sniffer
Results 1 to 8 of 8

Thread: About Sniffer

  1. #1
    Junior Member
    Join Date
    Aug 2003
    Posts
    10

    About Sniffer

    Hi.. I have a Question

    What's the main purpose of the sniffer(entire)?

    as far as i know, it leechs the flow of packet from the network....or somthing like that

    Can someone help me with this question.....

    thanx...
    Technology = Power

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Sniffers pick up all the traffic they can see on the network for future analysis. I say all the traffic they can see because on a switched network they will only be able to see a limited amount of the whole.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Junior Member
    Join Date
    Aug 2003
    Posts
    10
    so,. what sort of data that's often or the mainstream while sniffing ah
    Technology = Power

  4. #4
    Member
    Join Date
    Aug 2003
    Posts
    38
    Packet sniffers can be used for a variety of purposes, some of them benign, some of them malicious. The main use of packet sniffers for wrong doing is to scan target networks for vulnerabilities and gaps in security

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    A common purpose of sniffers is to do IDS - intrusion detection.

    A machine on an appropriate network segment will look for patterns of traffic which are usually associated with intrusion attempts, and report them.

    Traffic analysis is another common reason.

    Programs like ethereal are also commonly used to diagnose problems - for example performance issues, or reliability problems with particular protocols.

    Unfortunately blackhats sometimes use sniffers to grab passwords etc from protocols which don't have adequate encryption. TCP hijacking and the like are also possible.

    Slarty

  6. #6
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    Hcom,

    Also just to add to what others have stated, before you can appreciate the information a sniffer (protocol analyzer) can offer you, it is important to understand or atleast have a comfortable feeling with the inner workings of how TCP/IP works (assuming you are capturing TCP/IP packets ).

    Anyone can use a protocol analyzer and capture packets, however not everyone can make accurate analysis of the capture.. Understand the details of the TCP/IP protocols first, and you will really appreciate using a "sniffer".

    gunit

  7. #7
    Junior Member
    Join Date
    Aug 2003
    Posts
    7
    Just wondering: is a sniffer only used on networks or is it possible to use them to grab internet traffic?

    Somehow it seems rather impossible to me to install a sniffer somewhere on the www.

  8. #8
    Member
    Join Date
    Aug 2003
    Posts
    37
    "Sniffer" technology is famous for helping to determine why a network is too slow and/or why something is not working properly. Many top notch sniffer packages include summaries of high-layer protocols contained in the frame/s, the time of the capture and the source IP. This type of "Network Analysis" provides the network admin a host of tools and details to capture and decode data on the network, analyze network activity by specific protocols, network stats, and patterns.

    According to many experts; to be a successful network admin using Sniffer, you need a strong understanding of network protocols. This will help you understand and recognize odd issues when they occur on your target network.

    Check out this link for a nice cert.


    http://www.networkassociates.com/us/...r/benefits.htm

    DarkCarniv0l

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •