Packet Sniffer

The special network Device Driver used for some packet sniffing software is said to operate in " Promiscuous Mode " as it listens to everything on the wire.

The versatility of packet sniffers means they can be used to:

Analyse network problems

Detect Network Intrusion attempts

Gain information for effecting a network intrusion

Monitor network usage

Gather and report network statistics

Filter suspect content from network traffic

Spy on other network users and collect sensitive information such as passwords (depending on any content Encryption methods which may be in use)

Reverse Engineer Protocols used over the network

Debug client/server communications

Wireless Sniffer

EXAMPLE USES

A packet sniffer for a Token Ring network could detect that the token has been lost or the presence of too many tokens (verifying the protocol).

A packet sniffer could detect that messages are being sent to a NIC , if the NIC did not report receiving the messages then this would localize the failure to the NIC.

A packet sniffer could detect excessive messages being sent by a port, detecting an error in the implementation.

A packet sniffer could collect statistics on the amount of traffic (number of messages) from a process detecting the need for more bandwidth or a better method.

A packet sniffer could be used to extract messages and reassemble into a compete form the traffic from a process, allowing it to be reverse engineered.

WELL-KNOWN PACKET SNIFFERS (ALPHABETICAL)

AiroPeek

DSniff

Ethereal

EtherPeek

Ettercap

Network General

Network Instruments Observer

OmniPeek

PRTG

Snoop (Solaris)

Tcpdump

EXTERNAL LINKS

Packet Sniffing FAQ (by Robert Graham) (Down)

PacketDefense

Sniffer - Basics and Detection (PDF)

Free/open source packet sniffers:

--- Ethereal

--- tcpdump

--- WinDump

--- Analyzer

--- Packetyzer

--- IPDump2, a portable packet sniffer

Commercial packet sniffers:

--- Agilent Network Analyzers

--- Hammer Call Analyzer

--- Network General – Sniffer (the original packet sniffer)

--- Netlogger

--- Netmon Monitoring Suite – Appliance-based system offering layer 2,3 and 4 protocol analysis

--- CommView

--- Ultra Network

--- WildPackets EtherPeek, AiroPeek, OmniPeek

--- Distinct Network Monitor

--- Microsoft Network Monitor (version bundled with server editions of Windows )

--- Microsoft Network Monitor (version that comes with Microsoft Systems Management Server )

--- NetWitness - Network Monitor, Intrusion Analysis

	APPAREL
	BABY
	BEAUTY
	BOOKS
	CAR TOYS
	CELL PHONES
	DVD'S
	ELECTRONICS
	GOURMET FOOD
	GROCERIES
	HEALTH & PERSONAL
	HOME & GARDEN
	JEWELRY
	MUSIC
	MUSIC INSTRUMENTS
	OFFICE PRODUCTS
	SOFTWARE
	SPORTING GOODS
	TOOLS & HARDWARE
	TOYS
	VIDEO GAMES
	SHOPPING HOME

	MORE SHOPPING...

	CATEGORIES ABOUT PACKET SNIFFER

	network analyzers

	packets

Information About

Packet Sniffer