A Sniffer is a program or tool that captures information over a network. There are 2 types of Sniffers: Commercial Sniffers and Underground Sniffers.
- Commercial Sniffers –
Commercial sniffers are used to maintain and monitor information over the network. These sniffers are used to detect network problems. Network General Corporation (NGC) is a company that offers commercial sniffers. These can be used for:
- Fault analysis to detect problems in a network.
- Performance analysis to detect network bottlenecks.
- Underground Sniffers –
Underground sniffers are malicious programs used by hackers to capture information over a network. When an underground sniffer is installed on a router, it can breach the security of any network whose traffic passes through the router. It can capture:
- Confidential messages like email.
- Financial data like debit card details.
Components of a Sniffer:
To capture information over the network, a sniffer uses the following components:
- Hardware –
Sniffers use standard network adapters to capture network traffic.
- Capture Driver –
The capture driver captures network traffic from the Ethernet wire, filters that traffic for the information you want, and then stores the filtered information in a buffer.
- Buffer –
When a sniffer captures data from a network, it stores the data in a buffer. There are 2 ways to store captured data –
- Store data until the buffer is filled with information.
- Use the round robin method, in which data in the buffer is always replaced by new data that is captured.
- Decoder –
The information that travels over the network is in binary format, which is not readable. You can use a decoder to interpret this information and display it in a readable format. A decoder helps you analyze how information is passed from one computer to another.
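The buffer's two storage modes and the decoder step can be seen side by side in the following added example, which is not code from the original article. It works on frames constructed in memory rather than captured traffic, and `CaptureBuffer`, `decode`, `make_frame` and `capture` are hypothetical names chosen for illustration.

```python
import struct
from collections import deque

class CaptureBuffer:
    """Buffer with the two storage modes: fill-and-stop or round robin."""
    def __init__(self, capacity, round_robin):
        self.capacity, self.round_robin, self.dropped = capacity, round_robin, 0
        # In round-robin mode deque(maxlen=...) evicts the oldest frame itself.
        self.frames = deque(maxlen=capacity if round_robin else None)

    def store(self, frame):
        if not self.round_robin and len(self.frames) >= self.capacity:
            self.dropped += 1          # buffer full: the new frame is lost
            return False
        self.frames.append(frame)
        return True

def decode(frame):
    """Turn raw Ethernet II / IPv4 bytes into readable fields."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": dst.hex(":"), "src_mac": src.hex(":"), "ethertype": ethertype}
    if ethertype != 0x0800:            # not IPv4: leave the payload undecoded
        return out
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4 if ip else 0
    if len(ip) < 20 or ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("truncated or malformed IPv4 header")
    out.update(protocol=ip[9], src_ip=".".join(map(str, ip[12:16])),
               dst_ip=".".join(map(str, ip[16:20])))
    return out

def make_frame(n):
    """Constructed sample frame (documentation addresses), not captured traffic."""
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, n, 0, 64, 6, 0,
                     bytes([192, 0, 2, n]), bytes([198, 51, 100, 1]))
    return eth + ip

def capture(round_robin, count=5, capacity=3):
    """Store `count` frames, then decode whatever the buffer still holds."""
    buf = CaptureBuffer(capacity, round_robin)
    for n in range(1, count + 1):
        buf.store(make_frame(n))
    return [decode(f)["src_ip"] for f in buf.frames], buf.dropped

if __name__ == "__main__":
    print("fill-and-stop:", capture(False))
    print("round robin:  ", capture(True))
```

With five frames and room for three, fill-and-stop keeps the first three and loses the rest, while round robin keeps only the three most recent.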
Placement of Sniffer:
The most common places where you can place sniffers are:
- Cable wires
- Network segments connected to internet
Some common sniffer programs are: Ethereal, TCPDump, Snort.