A common purpose of sniffers is to do IDS - intrusion detection.

A machine on an appropriate network segment will look for patterns of traffic which are usually associated with intrusion attempts, and report them.

Traffic analysis is another common reason.

Programs like ethereal are also commonly used to diagnose problems - for example performance issues, or reliability problems with particular protocols.

Unfortunately blackhats sometimes use sniffers to grab passwords etc from protocols which don't have adequate encryption. TCP hijacking and the like are also possible.

Slarty