Hello! I need to answer this question. The book is: "Computer Security and Penetration Testing e2". Thank you. Question:  How do sniffers work? Can they be used for ethical purposes?

Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
icon
Related questions
Question

Hello! I need to answer this question. The book is: "Computer Security and Penetration Testing e2". Thank you.

Question: 

How do sniffers work? Can they be used for ethical purposes? 

Expert Solution
Definition and It's Work

Sniffing : 

When you transfer data to someone, it is broken down into small units called data packets. These data packets travel 
along the network path and reach the receiver in its’ original form. Just like eavesdropping, during this process, data packets may  be compromised by a third-party. 

Sniffers work : 

There are two main type of packet sniffers :  

Hardware Packet Sniffers 

A hardware packet sniffer is designed to be plugged into a network and analyze it. A hardware packet sniffer comes in handy when trying to examine traffic of a specific network segment. A hardware packet sniffer can ensure that there is no packet loss due to cause like filtering and routing. Ideally, a hardware packet analyzer stores the collected packets or forwards them on to a collector that logs the data collected by the hardware packet sniffer for further examination.

Software Packet Sniffers

Software packet sniffers are more common these days as they are open source. It is possible for any network interface attached to a network to receive every piece of network traffic that flows by, however, most are not configured to do so. A software packet sniffer configures the network interface so that is passes all network traffic.

This configuration is what is known as promiscuous mode, at least for most network adapters. Once a network interface is in the promiscuous mode, a packet sniffer functions to separate, reassemble and log all software packets that pass the interface. That traffic is then logged and used according to the packet sniffing requirements of the software.

A typical sniffing tool will be able to intercept:

  • The ports being used by each user
  • Web traffic (HTTP, HTTPS)
  • Mail traffic (IMAP, POP3, SMTP)
  • File transfer traffic (FTP, P2P)
  • Infrastructure traffic (DHCP, DNS, ICMP, SNMP)
  • Remote control (RDP, SSH, VNC)
  • Other UDP and TCP traffic

On a wired network, how much of this data can be collected depends on the structure of the network. Typically, it would take multiple packet sniffers to capture data on an entire network and since only the network traffic received by the network adapter is stored, traffic that exists on the other side of routers may not be visible.

On wireless networks, a Packet Sniffer typically only has access to one channel at a time. In order to capture data on multiple network segments, or multiple wireless channels, a packet sniffer is needed on each segment of the network.

steps

Step by step

Solved in 2 steps

Blurred answer
Knowledge Booster
Network Protection Strategies
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education