Packet sniffer is computer software or hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel back and forth over the network, the sniffer captures each packet and eventually decodes and analyses its content according to the appropriate RFC or other specifications.
It is the way through which intruders (someone who intrudes on the privacy or property of another without permission) get access to systems on our network. They simply employ a packet sniffer on a host which is already liable to danger. The "sniffer" listens on the Ethernet port for things like passwords/logins in the packet stream. After getting this type of information it is easy for them to log into that traffic. This is an easy way for attackers to gain system passwords without even trying to break into. "Clear-text" passwords are very defenseless to this type of security attack.
Example: Host X is suspected or exposed to danger. Intruder simply installs a sniffer. Sniffer will get an administrator's login information into Host Y from Host Z. It will get the administrator's personal password as he gets login into Y. Now if the administrator lets someone telnet from his account to Host S on some other site. In this situation the attacker will be having the login password on Host S.
Nowadays the intruder doesn't have any need to compromise a system to implement sniffers. One can also bring a laptop or PC into a building to tap into net. If we use ssh or some other encrypted password security methods, we can avoid this attack. APOP for POP accounts is also helpful in preventing this attack.
Example: Host X is suspected or exposed to danger. Intruder simply installs a sniffer. Sniffer will get an administrator's login information into Host Y from Host Z. It will get the administrator's personal password as he gets login into Y. Now if the administrator lets someone telnet from his account to Host S on some other site. In this situation the attacker will be having the login password on Host S.
Nowadays the intruder doesn't have any need to compromise a system to implement sniffers. One can also bring a laptop or PC into a building to tap into net. If we use ssh or some other encrypted password security methods, we can avoid this attack. APOP for POP accounts is also helpful in preventing this attack.
It is the way through which intruders (someone who intrudes on the privacy or property of another without permission) get access to systems on our network. They simply employ a packet sniffer on a host which is already liable to danger. The "sniffer" listens on the Ethernet port for things like passwords/logins in the packet stream. After getting this type of information it is easy for them to log into that traffic. This is an easy way for attackers to gain system passwords without even trying to break into. "Clear-text" passwords are very defenceless to this type of security attack.
Example: Host X is suspected or exposed to danger. Intruder simply installs a sniffer. Sniffer will get an administrator's login information into Host Y from Host Z. It will get the administrator's personal password as he gets login into Y. Now if the administrator lets someone telnet from his account to Host S on some other site. In this situation the attacker will be having the login password on Host S.
Nowadays the intruder doesn't have any need to compromise a system to implement sniffers. One can also bring a laptop or pc into a building to tap into net. If we use ssh or some other encrypted password security methods, we can avoid this attack. APOP for POP accounts is also helpful in preventing this attack.
Example: Host X is suspected or exposed to danger. Intruder simply installs a sniffer. Sniffer will get an administrator's login information into Host Y from Host Z. It will get the administrator's personal password as he gets login into Y. Now if the administrator lets someone telnet from his account to Host S on some other site. In this situation the attacker will be having the login password on Host S.
Nowadays the intruder doesn't have any need to compromise a system to implement sniffers. One can also bring a laptop or pc into a building to tap into net. If we use ssh or some other encrypted password security methods, we can avoid this attack. APOP for POP accounts is also helpful in preventing this attack.