“A sniffer is any device, software or hardware, which grabs information traveling on a network. The purpose of a sniffer is to place the
network interface (Ethernet adapter) into promiscuous mode, and by doing so, to capture all network traffic. Promiscuous mode refers to
the mode where all workstations on a network listen to all traffic, not simply their own.”
As we have seen, sniffer attacks are difficult to detect and thwart because sniffers are passive programs. They don’t generate an evidence trail (logs), and when used properly, they don’t use a lot of disk and memory resources.
“Sniffers represent a high level of risk because: they can capture passwords; they can capture
confidential or proprietary information; and they can be used to breach security of neighboring networks, or gain leveraged access.”
“As we have seen, sniffer attacks are difficult to detect and thwart because sniffers are passive programs. They don’t generate an
evidence trail (logs), and when used properly, they don’t use a lot of disk and memory resources.”