Printer Friendly
The Free Library
14,669,463 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

The Evil Packet Sniffer


A "Packet Sniffer" is a utility that sniffs without modifying the network''s packets in any way.

By comparison, a firewall sees all of a computer''s packet traffic as well, but it has the ability to block and drop any packets that its programming dictates. Packet sniffers merely watch, display, and log this traffic.

One disturbingly powerful aspect of packet sniffers is their ability to place the hosting
machine''s network adapter into "promiscuous mode." Network adapters running in promiscuous mode receive not only the data directed to the machine hosting the sniffing software, but also ALL of the traffic on the physically connected local network.

In order to view an entire network session you will have to reassemble the packets back into sessions.

To do so you will have to know deeply IP and TCP protocols.

Reassembling the packets is not an easy task because some packets are lost on the way and the others do not come at the right order, but once you do that you are capable to "read" the entire network.

After you have learnt to reassemble packets you will have the ability to develop several "evil" components:

1. One thing you can do is to read the outgoing and/or incoming emails. The email protocol is called SMTP and is sent via PORT 25.

2. Do not forget the FTP protocol ( PORT 21 ), it might come in handy.

3. Monitor the HTTP protocol ( port 80 ) which is the World Wide Web. By doing so you will know which websites have been visited, files that have been uploaded to the web or downloaded from the web, text that was sent and so on.

While those things are considered inappropriate and your colleagues will probably not like it, sometimes it is needed for security reasons.

If you are a programmer and you want to start exploring the subject then I suggest you start with my free basic TCP sniffer which is available for download here:

http://www.noviway.com/Code/Basic-TCP-Sniffer.aspx

Good luck and happy sniffing!

Eran Aharonovich www.Noviway.com www.RTGate.com

Copyright (c) 2007 Free Online Library
This article can be reproduced subject to these terms. Syndicate this article. More free articles for syndication

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Author:Ron Shelf
Publication:Computers and Internet community
Geographic Code:1USA
Date:Dec 13, 2007
Words:378
Previous Article:Content Management - Fusion of Technology and Creativity
Next Article:More than Just Tips on Cooking Healthy Food



Related Articles
NTT DOCOMO SELECTS SNIFFER SOLUTIONS TO TEST ONE OF THE WORLD'S FIRST THIRD GENERATION WIRELESS INTERNET.(Company Business and Marketing)
Application Performance Monitoring: Black Art Or Incipient Science?(Industry Trend or Event)
Keep traffic flowing. (New Products).
Endace Introduces Range of High Performance Snort(R) Sensors.
Worldwide surge in encrypted torrents.(Security Report)
Watch Your Language the Problem with Private Label Rights Articles
Measuring IPTV QOS (Quality of Service)
What Is MDI - Media Delivery Index?
Islam 101- What Is the Qur'An?
A History of Some Christmas Traditions

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles