Skip to content
Related Articles

Related Articles

Introduction to Sniffers

View Discussion
Improve Article
Save Article
  • Last Updated : 18 Oct, 2021
View Discussion
Improve Article
Save Article

A Sniffer is a program or tool that captures information over a network. There are 2 types of Sniffers: Commercial Sniffers and Underground Sniffers. 

  1. Commercial Sniffers – 
    Commercial sniffers are used to maintain and monitor information over the network. These sniffers are used to detect network problems. Network General Corporation (NGC) is a company that offers commercial sniffers. These can be used for: 
    1. Fault analysis to detect problems in a network. 
    2. Performance analysis to detect network bottlenecks. 
  2. Underground Sniffers – 
    Underground sniffers are malicious programs used by hackers to capture information over a network when underground sniffers are installed on the router, it can breach security of any network that passes through the router. It can capture: 
    1. Confidential messages like email. 
    2. Financial data like debit card details. 

Components of a Sniffer: 
To capture the information over the network sniffer uses the following components: 

  1. Hardware – 
    Sniffers use standard network adapters to capture network traffic. 
  2. Capture Driver – 
    Capture Driver captures network traffic from Ethernet wire, filters that network traffic for information that you want, and then stores the filtered information in a buffer. 
  3. Buffer – 
    When a sniffer captures data from a network, it stores data in a buffer. There are 2 ways to store captured data – 
    1. You can store data until the buffer is filled with information 
    2. It is the round-robin method in which data in the buffer is always replaced by new data that is captured. 
  4. Decoder – 
    The information that travels over the network is in binary format, which is not readable. you can use a decoder to interpret this information and display it in a readable format. A decoder helps you analyze how information is passed from one computer to other. 

Placement of Sniffer: 
The most common places where you can place sniffers are: 

  1. Computer 
  2. Cable wires 
  3. Routers 
  4. Network segments connected to the internet 

Some common sniffer programs are Ethereal, TCPDump, Snort.

My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!