When you transfer data to someone, it is broken down into small units called data packets. These data packets travel along the network path and reach the receiver in its’ original form. Just like eavesdropping, during this process, data packets may be compromised by a third-party. This is called Packet Sniffing.
Packet sniffing has many legitimate uses. Network engineers can use it to diagnose and troubleshoot network problems or to gather statistics about the performance of a given network. With the right privileges, it also gives them a detailed view of how devices connected to a network are communicating with each other, and so is invaluable when it comes to setting up strong security and encryption protocols in corporate environments.
However, Packet Sniffing also has less innocent uses. Because the technique is such a powerful way of accessing network traffic, including sensitive and confidential data, it has also become part of the hacker’s standard toolkit.
Packet Sniffers are the tools or packet sniffing software used to perform packet sniffing. The two types of packet sniffers are; filtered and unfiltered, where filtered is the one where only specific data packets are collected leaving out some information and the unfiltered being where all the data packets are collected.
With the help of a Packet Sniffer, an attacker can (potentially) read all of the information being passed across a network. This includes the contents of emails, passwords, and potentially even financial information. Doing this requires that an attacker has the right privileges, of course, but these can often be obtained using a variety of other hacking tools, such as a man in the middle attack.
The best way to prevent your packets being intercepted is to use a Virtual Private Network (VPN). VPNs work by creating an encrypted ‘tunnel' between your devices and the websites you visit. The best VPNs use military-grade encryption protocols that ensure that no-one, not even the government, can read the packets you send and receive.
The first thing to understand is that Packet Sniffers come in a variety of types and forms. In corporate environments, network engineers have a legitimate need to understand the operation of the networks they look after, and they mostly have physical access to network hardware. In this case, Packet Sniffers are generally single-purpose pieces of hardware that are directly installed on network nodes.
Other types of Packet Sniffer are available. Some of the most dangerous types are software-based sniffers that can run on a standard laptop. These make use of the network hardware provided on conventional computers and turn this into a powerful tool for listening in to everything happening on a network.
Packet Sniffers can collect many types of data. A typical sniffer will be able to intercept:
On a wired network, how much of this data can be collected depends on the structure of the network.
On a wireless network, Packet Sniffers typically only have access to one channel at a time.
Ideally, Government Agencies use Packet Sniffing to ensure data security, track an organisation's data or monitor internet traffic.
Businesses and Advertising Agencies may resort to Packet Sniffing as a source of making their advertisements available to more people surfing the internet, analyze their behaviors and alter their tastes and preferences.
Your ISP tracks your online activity to see if you are trying to access any malicious content or using up more bandwidth then what you have paid for.
You can undoubtedly use a Packet Sniffer on a network that you own, such as your home Wi-Fi network. If you’re thinking about using a Packet Sniffer on a public network, the best advice is not to, however, it depends on the laws that prevail in your home country.
The most popular Packet Sniffer is Wireshark, which was previously known as Ethereal, though there are plenty of other options available.
In the vast majority of countries, using a VPN is perfectly legal, and even recommended if you are working with critical or sensitive information.
That being said, if you are traveling it is worth checking if the country you are in allows you to use your VPN: it is better to be safe than sorry.
Take a look at our other guides to ensure you can spot other types of attack.