SNIFFING is the use of a network interface to receive data not intended for the machine in which the interface resides.
- Network analyzers or SNIFFERS monitor network data. A sniffer is a piece of software that captures the traffic on a network.
- Sniffers usually act as network probes or "snoops" -- examining network traffic but NOT intercepting or altering it.
- Most sniffers work only with TCP/IP packets.
- A network analyzer or SNIFFER helps network administrators diagnose a variety of obscure problems that may not be visible on any one particular host.
- A sniffer can be a self-contained software program or a hardware device with the appropriate software or firmware programming.
- WIRESHARK is the most popular network sniffer.
Devices that incorporate sniffing are useful and necessary. However, their very existence implies that a malicious person could use such a device or modify an existing machine to snoop on network traffic. Sniffing programs could be used to gather passwords, read inter-machine e-mail, and examine client-server database records in transit. Besides these high-level data, low-level information might be used to mount an active attack on data in another computer system. For more information : SNIFFING : HOW IT THREATENS SECURITY
No comments:
Post a Comment