Flux rss
They need your help
ARP poisoning

Network analyzers (sniffers)

Port scanning
Bookmark Bookmark & Share
Analizzatori di rete (sniffers) analisadores redes (sniffers) Netzwerk-Analysator (sniffer) Analyseurs réseau (sniffers) Analizadores de red (rastreadores de puertos)

Network analysis

A "network analyzer" (also called a sniffer), is a device that makes it possible to "monitor" a network's traffic, that is, to capture information circulating on that network.

On an unswitched network, data are sent to all of the network's machines. Yet under normal use, machines ignore packets that are not addressed to them. As such, by using the network interface in a specific mode (generally called promiscuous mode), it is possible to monitor all of the traffic passing through a network adapter (an Ethernet network card, a wireless network card, etc.).

Use of the sniffer

A sniffer is an impressive tool that makes it possible to monitor a network's traffic. It is generally used by administrators to diagnose problems on their network and to find out about the traffic circulating on the network. Intrusion detection systems (IDS) are based on a sniffer to capture packets, and use a rules database to detect suspicious packets.

Unfortunately, like all administration tools, the sniffer can also be used by malicious individuals having physical access to the network to gather information. This risk is even higher on wireless networks since it is hard to confine radio waves to a limited area, so malicious persons can monitor traffic just by being in the neighbourhood.

The vast majority of Internet protocols convey information that is unscrambled, that is, that is not encrypted. Therefore, when a network user consults his messages via the POP or IMAP protocol or surfs the Internet on sites whose addresses do not start with HTTPS, all of the sent or received information can be intercepted. This is how specific sniffers have been developed by hackers in order to retrieve passwords circulating on networks.

Countermeasures

There are several ways to protect yourself from troubles that could arise due to the use of a sniffer on your network:

  • Use encrypted protocols for all communications with highly confidential content.
  • Segment the network to limit the spread of information. It is particularly preferable to use switches instead of hubs since they switch communications, which means that information is delivered only to the machines it is intended for.
  • User a sniffer detector. This is a tool that probes the network looking for hardware using promiscuous mode.
  • For wireless networks you are advised to reduce the power of your hardware so as to cover only the necessary surface area. This will not keep potential hackers from monitoring the network but will limit the geographic area where they can operate.

More information



Last update on Thursday October 16, 2008 02:43:15 PM.This document entitled « Network analyzers (sniffers) » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the licence, as this note appears clearly.
Creating a local area network Why set up a local area network? When you have several computers, it can be convenient to connect them to each other to create a local area network (LAN). Setting up such a network costs very little, contrary to what people may think. Here are a... en.kioskea.net/contents/configuration-reseau/creer-reseau-local.php3
Windows networking Networking in Windows 2000/XP To configure each computer, simply go to the control panel, then double-click "network connections" and right-click "local area connection", then choose properties! The local area connection window displays the... en.kioskea.net/contents/configuration-reseau/configurer-reseau-windows-xp.php3
Creating an ad hoc WiFi network Presentation of the ad hoc WiFi network If you have two or more computers equipped with wireless adapters (WiFi cards), it is possible to easily connect them in a network by setting up a so-called "ad hoc" network, that is, a computer-to-computer... en.kioskea.net/contents/configuration-reseau/creer-reseau-wifi-ad-hoc.php3
[Windows XP] Repairing the network connection using command line[Windows XP] Repairing the network connection using command lines Under Windows XP there is a small feature allowing you to repair a network connection. Go to the Network Connections options in Control panel (Control Panel / Network... en.kioskea.net/faq/sujet-848-windows-xp-repairing-the-network-connection-using-command-line
Introduction to network bridgeIntroduction to network bridge What is a bridge? XP network bridge: between a wired network and a WiFi network What is a bridge? A bridge has a foot in each network and acts on the link layer (level 2). It is able to pass frames from... en.kioskea.net/faq/sujet-2144-introduction-to-network-bridge
Using the MSN network on a mobile phone without having MessengerUsing the MSN network on a mobile phone without having Messenger installed The fist step is to download eBuddy on your computer, selecting the phone model and then click the "JAR File". Link: http://www.getjar.com/products/10717/eBuddy... en.kioskea.net/faq/sujet-1231-using-the-msn-network-on-a-mobile-phone-without-having-messenger
Results for Network analyzers (sniffers)
Network Controller driver???? (Solved)Dear all Due to a virus problem, I have had to install windows (xp) on my laptop but in device manager under other devices the following item has yellow question marks:- network controller As network controller driver is missing I can't connect to the... en.kioskea.net/forum/affich-5494-network-controller-driver
Changing network settings since the 9/25/08 (Solved)Hello, since the updates on my system (macbook 10.4.11) last Thursday I get a popup window saying, "your network settings have been changed by another application". I click "OK" but it comes right back. I change settings from work to a dial-up at home... en.kioskea.net/forum/affich-27175-changing-network-settings-since-the-9-25-08
Network Controller is not Working!!!!________________________________________ Dear all Due to a virus problem, I have had to install windows (xp) on my laptop but in device manager under other devices the following item has yellow question marks:- network controller As network controller... en.kioskea.net/forum/affich-5493-network-controller-is-not-working
Results for Network analyzers (sniffers)
Download PRTG Network MonitorThe availability of computer networks is becoming increasingly critical for the company because of the increasing integration of computers in all processes. Thus, system failures can cause serious losses. By continually monitoring your network and... en.kioskea.net/telecharger/telecharger-3317-prtg-network-monitor
Download Softperfect Network ScannerSoftPerfect Network Scanner allows to display the shared resources in a network as well as its characteristics: the used SNMP, user IP address, host's name, etc.... In addition, the software defines the types of resources which must be scanned. This... en.kioskea.net/telecharger/telecharger-2348-softperfect-network-scanner
Download Total Network MonitorTotal Network Monitor allows you to have a continuous control over the performance of your network, computers, network and system utilities which are essential for your network and must be supervised minutely. Total Network Monitor will alert in... en.kioskea.net/telecharger/telecharger-4643-total-network-monitor
Results for Network analyzers (sniffers)
Social network use by adult Americans on the rise: surveyHomepage of MySpace displayed on a computer monitor. Thirty-five percent of US Web users aged 18 or older have a profile on a social network such as Facebook, MySpace or LinkedIn, the Pew Internet & American Life Project survey found, up from just... en.kioskea.net/actualites/social-network-use-by-adult-americans-on-the-rise-survey-11805-actualite.php3
Rivalry in Japanese social networking sites heats upPeople surf the Internet at a Tokyo cybercafe in 2007. MySpace have launched new services in Japan, a day after Facebook launched a Japanese version amid growing competition here between social networking sites. MySpace launched new services in... en.kioskea.net/actualites/rivalry-in-japanese-social-networking-sites-heats-up-10391-actualite.php3
Results for Network analyzers (sniffers)
Types of networksDifferent types of networks Different types of (private) networks are distinguished based on their size (in terms of the number of machines), their data transfer speed, and their reach. Private networks are networks that belong to a single... en.kioskea.net/contents/initiation/types.php3
Creating an ad hoc WiFi networkPresentation of the ad hoc WiFi network If you have two or more computers equipped with wireless adapters (WiFi cards), it is possible to easily connect them in a network by setting up a so-called "ad hoc" network, that is, a computer-to-computer... en.kioskea.net/contents/configuration-reseau/configurer-routeur-wifi.php3
Network topologyWhat does "topology" mean? A computer network is made of computers which are linked to one another with communication lines (network cables, etc.) and hardware elements (network adapters, as well as other equipment for ensuring that data travels... en.kioskea.net/contents/initiation/topologi.php3
Results for Network analyzers (sniffers)