Packet sniffing is the act of capturing packets of data flowing across a computer network. The software or device used to do this is called a packet sniffer. Most instant message (IM) programs send their data unencrypted, so if a user sends sensitive data such as logins, passwords, or banking information, it could be recorded by the packet sniffer and used by a malicious hacker. Some IM programs allow the user to encrypt communications. The packet sniffer will still record the data, but the hacker will not be able to read it because the data is encrypted.

Such a network attack starts with a tool such as Wireshark. Wireshark allows you to capture and examine data that is flowing across your network. Any data that is not encrypted is readable, and unfortunately, many types of traffic on your network are passed as unencrypted data — even passwords and other sensitive data.

In addition to capturing cleartext sessions, such as login traffic, an attacker can have an application that captures only specific data from a network, such as network authentication packets, which she then reviews to crack network passwords.

If you are using a switch-based network, you make packet sniffing a little tougher. On a switch-based network, the sniffer will see only data going to and from the sniffer’s own network device or broadcast traffic, unless the attacker uses a monitoring port on a switch.
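To find out which of your own hosts still send traffic that a sniffer could read, you can audit a capture file for cleartext protocols. The following is an added example, not part of the original article: it parses a classic pcap file and counts TCP packets sent to ports of unencrypted protocols. The port list, the function names and the sample capture are assumptions constructed for illustration.

```python
import struct
from collections import Counter

# Assumption: default TCP ports of protocols that carry data unencrypted.
CLEARTEXT_PORTS = {21: "FTP", 23: "Telnet", 80: "HTTP", 110: "POP3", 143: "IMAP"}

def cleartext_flows(pcap: bytes) -> Counter:
    """Count TCP packets per (src, dst, protocol) sent to a cleartext port."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file")
    endian = "<" if magic == 0xA1B2C3D4 else ">"
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    flows, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # Need Ethernet (14) + minimal IPv4 (20) + TCP ports (4); skip non-IPv4/TCP.
        if len(frame) < 38 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
        if ihl < 20 or len(frame) < 14 + ihl + 4:
            continue
        dport = struct.unpack("!H", frame[14 + ihl + 2:14 + ihl + 4])[0]
        if dport in CLEARTEXT_PORTS:
            src = ".".join(map(str, frame[26:30]))
            dst = ".".join(map(str, frame[30:34]))
            flows[(src, dst, CLEARTEXT_PORTS[dport])] += 1
    return flows

def build_frame(src, dst, dport):
    """Constructed Ethernet/IPv4/TCP SYN frame (sample data, checksums zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0, bytes(src), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap() -> bytes:
    """Constructed capture: two Telnet packets, one HTTPS packet, one FTP packet."""
    frames = [build_frame([10, 0, 0, 5], [10, 0, 0, 9], 23)] * 2
    frames += [build_frame([10, 0, 0, 5], [10, 0, 0, 7], 443),
               build_frame([10, 0, 0, 6], [10, 0, 0, 9], 21)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for (src, dst, proto), n in cleartext_flows(sample_pcap()).items():
        print(f"{src} -> {dst} {proto}: {n} packet(s)")
```

The audit only covers what the capture point could see; on a switch-based network, take the capture from a monitoring port so that traffic between other hosts is included.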

