What You Need to Know About Packet Sniffers

Today we are going to discuss the practice of data packet sniffing. We’ll talk about what it is, why it’s done, and how it relates to network security. There are software tools that can assist in this endeavor, and we will show you how to use a free packet sniffer application.

What is a Data Packet?

A data packet is a small, discrete amount of data that is sent over a network such as the Internet. The length of a packet is measured in bytes. There is a maximum limit to the size of a packet depending on the protocol being used. For instance, the maximum transmission unit (MTU) on the Internet’s IP protocol is 1500 bytes. Large messages, such as e-mails and other transferred files, are broken into packets before being transmitted over the network.

Besides the actual informational content of the data packet, it also contains a header and footer containing packet details based on the protocol being used for transmission. The header usually contains the IP addresses that the packet originated from and its destination. Footers may be used for error correction and other functions.

What is a Packet Sniffer?

According to techopedia.com, a packet sniffer is a hardware or software tool that intercepts data flowing through a network. Packet sniffers are also known as network sniffers. Dedicated hardware solutions are often used by network engineers. Network sniffer tools are available as software and can be found for just about any platform that you use. WiFi packet sniffing has become more prevalent as the growth of WiFi networks makes them an easy target.

How Does a Packet Sniffer Work?

In order to understand how a packet sniffer works, let’s take a step back and take a quick look at the basics of sending data over a network. In most computer networks, all traffic is ignored by a specific machine unless the communication is addressed to that machine. Though the data is directed at one machine, theoretically it can be accessed by many machines on the network.

Packet sniffers take advantage of this fact. A software packet sniffer commands the computer’s network interface card (NIC) to stop ignoring the traffic and start receiving communications from every computer on a network segment. With a packet sniffer, all data flowing through a network can potentially be accessed by unauthorized personnel.

Sniffing can be either filtered or unfiltered. Filtered sniffing will capture only specific data packets whereas unfiltered sniffing intercepts all data packets on the network.

Uses of a Packet Sniffer

Packet sniffers can be used for a variety of reasons. Some of these are perfectly valid and are necessary to ensure proper functionality of the network. Others are not technically illegal but may cause some privacy concerns in individuals using the Internet. As with most powerful tools, there are also malicious users of packet sniffers who are definitely committing illegal acts.

In most countries, it is illegal to attempt to crack or sniff the data on any network other than your own or one that you have explicit permission to use.

  • Hackers and crackers are likely to use a packet sniffer in attempts to illegally collect information about networks that they are not authorized to access.
  • Internet Service Providers (ISPs) use packet sniffing to track your online activities including sites you visit, downloads you make, and contents of emails that you send. There are significant privacy concerns regarding the collection and use of this kind of data. Your company may also be monitoring your network usage in this way.
  • Government agencies make use of packet sniffing to ensure network data security and to track an organization’s unencrypted data.
  • Internet advertising agencies might employ packet sniffers to inject ads into network data packets to increase their per click revenue.

Why Use a Packet Sniffer?

If you are a network administrator, you may be using either a hardware or software sniffer to monitor and test your network traffic. In either case, it is a critical tool that enables you to decipher the data transmission across your network.

Network security analysts will also want to make use of a sniffer to search for unauthorized traffic or to ensure that all data is properly encrypted and flowing as it should be. Foiling intended injection attacks are one of the potential uses of a sniffer for the security team.

Home users who are interested in the network traffic generated by their WiFi network can make use of a packet sniffer. It is only legal for you to monitor your own network, so resist the temptation to see what’s up on the neighbors’ WiFi.

If you are trying to gain unauthorized access to a network, a packet sniffer is an indispensable tool. You will be trying to intercept clear text user credentials or other sensitive material that allows you to compromise the users or network in which you are intruding. We will discuss how to minimize the damage that these perpetrators can cause to your network a little later in this article.

Is KisMAC a Packet Sniffer?

KisMAC is a WiFi stumbler and sniffer tool that runs on the Mac OS. It is available as a free download and allows the user to perform a number of functions regarding WiFi networks. It employs monitor mode and passive scanning, giving it an advantage over some other sniffing tools.

KisMAC can only be run on the Mac OS, but there are packet sniffers for Windows as well, such as Wireshark and Free Network Analyzer. Mobile users can download a packet sniffer for Android such as zAnti but you will need to root your device in order to run the application.

How Can I Protect My Network and Data?

Before the advent of WiFi, your home network was much less likely to be attacked. There would need to be a physical connection to allow an intruder to access your network traffic. That’s not how it is with WiFi. Your network can be accessed by your neighbors or someone sitting in a car outside your building. Network security is a subject that should be important to anyone who has a wireless network in their home.

You also need to be cognizant of the dangers of using public WiFi for any transactions where sensitive data may be shared. They are notorious for being the target of hackers, one of whom might be sitting right across from you as you sip your coffee.

Here are some tips to protect your network and data.

  • Secure your home WiFi network – Use your WiFi router’s software and set the encryption to WPA2. Choose a strong password and don’t let anyone you don’t know have access to the network. This includes your friendly telephone repairman.

 

  • Beware Public WiFi hotspots – Make sure you are using encryption and are always logging into an https site which indicates it is a secured connection. Turn off your auto connect feature on mobile devices to avoid inadvertently connecting to an unsecured network. Do not perform any financial or banking transactions when logged into the public, unsecured networks.

 

  • Password security  – Use different passwords for different accounts. This way if one is compromised all of your accounts will not be vulnerable. Also always use passwords that are at least 9 and preferably 12 characters long to eliminate the potential for them to be hacked.

Unsecured data traveling through a network is a ripe target for unethical or malicious individuals to attack. Make every effort possible to safeguard yourself and your personal data from being compromised.

 

Related Articles