dcsimg

Linux.com: Who's Sniffing Your Network?

By ServerWatch Staff (Send Email)
Posted Jun 5, 2000


"A sniffer is any device, software or hardware, which grabs information traveling on a network. The purpose of a sniffer is to place the network interface (Ethernet adapter) into promiscuous mode, and by doing so, to capture all network traffic. Promiscuous mode refers to the mode where all workstations on a network listen to all traffic, not simply their own." As we have seen, sniffer attacks are difficult to detect and thwart because sniffers are passive programs. They don't generate an evidence trail (logs), and when used properly, they don't use a lot of disk and memory resources.

"Sniffers represent a high level of risk because: they can capture passwords; they can capture confidential or proprietary information; and they can be used to breach security of neighboring networks, or gain leveraged access."

"As we have seen, sniffer attacks are difficult to detect and thwart because sniffers are passive programs. They don't generate an evidence trail (logs), and when used properly, they don't use a lot of disk and memory resources."

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.