Introduction to Sniffers

  • Last Updated : 12 Nov, 2018

A Sniffer is a program or tool that captures information over a network. There are 2 types of Sniffers: Commercial Sniffers and Underground Sniffers.

  1. Commercial Sniffers –
    Commercial sniffers are used to maintain and monitor information over the network. These sniffers are used to detect network problems. Network General Corporation (NGC) is a company that offers commercial sniffers. These can be used for:
    1. Fault analysis to detect problems in a network.
    2. Performance analysis to detect network bottlenecks.

  2. Underground Sniffers –
    Underground sniffers are malicious programs used by hackers to capture information over a network. When an underground sniffer is installed on a router, it can breach the security of any network whose traffic passes through that router. It can capture:
    1. Confidential messages like email.
    2. Financial data like debit card details.

Components of a Sniffer:
To capture information over the network, a sniffer uses the following components:

  1. Hardware –
    Sniffers use standard network adapters to capture network traffic.
  2. Capture Driver –
    The capture driver captures network traffic from the Ethernet wire, filters that traffic for the information you want, and then stores the filtered information in a buffer.

  3. Buffer –
    When a sniffer captures data from a network, it stores data in a buffer. There are 2 ways to store captured data –

    1. You can store data until the buffer is filled with information.
    2. You can use the round-robin method, in which data in the buffer is always replaced by new data that is captured.

  4. Decoder –
    The information that travels over the network is in binary format, which is not readable. You can use a decoder to interpret this information and display it in a readable format. A decoder helps you analyze how information is passed from one computer to another.
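
The capture driver, buffer and decoder described above can be seen working together in the following added example, which is not part of the original article. It runs offline on constructed Ethernet/IPv4/TCP frames (no live capture); the names `build_frame`, `decode`, `FillBuffer` and `capture`, and all addresses and ports, are assumptions made for illustration.

```python
import struct
from collections import deque

def build_frame(src_ip, dst_ip, sport, dport, payload=b""):
    """Build a constructed Ethernet/IPv4/TCP frame (sample data, checksums zero)."""
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes(map(int, src_ip.split("."))), bytes(map(int, dst_ip.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload

def decode(frame):
    """Decoder: turn raw bytes into readable fields; None if not IPv4/TCP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ihl = (frame[14] & 0x0F) * 4              # IPv4 header length in bytes
    if ihl < 20 or frame[23] != 6 or len(frame) < 14 + ihl + 4:
        return None                           # malformed header, not TCP, or truncated
    sport, dport = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
    return {"src": ".".join(map(str, frame[26:30])),
            "dst": ".".join(map(str, frame[30:34])),
            "sport": sport, "dport": dport}

class FillBuffer(list):
    """Buffer method 1: store until the buffer is full, then drop new records."""
    def __init__(self, size):
        super().__init__()
        self.size = size
    def append(self, rec):
        if len(self) < self.size:
            super().append(rec)

def capture(frames, buffer, port):
    """Capture-driver step: decode each frame, keep only traffic on `port`."""
    for frame in frames:
        rec = decode(frame)
        if rec and port in (rec["sport"], rec["dport"]):
            buffer.append(rec)
    return list(buffer)

# Constructed sample traffic: five frames to port 25 and one to port 53.
FRAMES = [build_frame("10.0.0.%d" % i, "10.0.0.9", 40000 + i, 25) for i in range(1, 6)]
FRAMES.insert(2, build_frame("10.0.0.7", "10.0.0.9", 40007, 53))

FILLED = capture(FRAMES, FillBuffer(3), 25)       # keeps the first three matches
RING = capture(FRAMES, deque(maxlen=3), 25)       # round robin: keeps the last three
print([r["sport"] for r in FILLED], [r["sport"] for r in RING])
```

With a three-record buffer, the fill-until-full method retains the earliest matching traffic while the round-robin method retains the most recent, which determines what an analyst still has available when a problem is noticed.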

Placement of Sniffer:
The most common places where you can place sniffers are:

  1. Computer
  2. Cable wires
  3. Routers
  4. Network segments connected to the Internet

Some common sniffer programs are: Ethereal, TCPDump, Snort.

