Packet sniffers (also known as
Network Analyzers or
Ethernet Sniffers) are
software programs that can see the traffic passing over a
network or part of a network. As data streams travel back and forth over the network, the program captures each
packet and eventually decodes it's content following the
RFC (Request for comments) specification. Depending on the network structure (
hub or
switch) one can sniff all or only parts of the traffic from a single machine within the network. The special network
device driver used for some packet sniffing software is said to be 'promiscious' as it listens to everything (on the wire).
The usage of Packet Sniffers is versatile, one can use it to:
- Troubleshoot a network
- Detect intrusion attempts
- Monitor the network usage and filter for suspect content
- Spy on other network users and attempt to collect their passwords
Packet Sniffing FAQ (by Robert Graham):
http://www.robertgraham.com/pubs/sniffing-faq
Packet Sniffers:
http://www.sniff-em.com
http://www.ethereal.com
All Wikipedia text
is available under the
terms of the GNU Free Documentation License