Network packet sniffers are used to monitor information sent over a network. These may be hardware or software, depending on the type of sniffer and its overall purpose. Network packet sniffers collect packets out of a network data stream, decode them and read their information. Sniffers are used for a wide range of legitimate and illicit functions, from troubleshooting network problems to stealing passwords and sensitive information.
The technology that eventually became network packet sniffers grew up with network computing. In the early days of networking, information was constantly being lost or corrupted in transit. Early network hardware and software contained many problems, both in their coding and physical construction, which compounded the errors. Sniffing programs could read data before and after network junction points to locate areas where data was becoming corrupt. This helped move the technology forward until network transmissions became much closer to being error-free.
A network packet is a small collection of data that has both a destination and a point of origin encoded in it. Generally, the data packet will travel over the network until it reaches the destination encoded in it; then, only that single location will open it up. Any other location that attempts to read it will fail. Network packet sniffers look at these collections, read their addresses and sometimes copy the entire packet.
Some network packet sniffers do this to monitor activity on a network. These sniffers are generally used by system administrators to check for problems in the network or monitor the activities of the users. In most of these cases, it isn’t necessary to open the packet and look inside. It is typically enough to verify the addresses and make sure they are both allowable. If the packet is coming from or going to a restricted computer, such as a banned website, it is possible to record its network location and find out who was using it.
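The address-only check described above can be sketched as follows. This is an added example, not code from the original article. The frame bytes are constructed, and the restricted range (a documentation network) and the function names are assumptions made for illustration.

```python
import ipaddress
import struct

# Constructed policy: a documentation range stands in for a restricted site.
RESTRICTED = [ipaddress.ip_network("203.0.113.0/24")]


def build_sample_frame(src_ip, dst_ip, payload=b"constructed payload"):
    """Build a constructed Ethernet II + IPv4 frame (checksum left at zero)."""
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 6, 0,
                     ipaddress.ip_address(src_ip).packed,
                     ipaddress.ip_address(dst_ip).packed)
    return eth + ip + payload


def read_addresses(frame):
    """Return (src, dst) IPv4 addresses from the headers, or None if not IPv4."""
    if len(frame) < 14 + 20:
        return None  # too short to hold Ethernet plus a minimal IPv4 header
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        return None  # not IPv4 (ARP, IPv6, VLAN-tagged, ...)
    version_ihl = frame[14]
    if version_ihl >> 4 != 4 or (version_ihl & 0x0F) < 5:
        return None  # malformed IPv4 header
    # Source and destination sit at fixed offsets 12 and 16 in the IPv4 header.
    return ipaddress.ip_address(frame[26:30]), ipaddress.ip_address(frame[30:34])


def check_frame(frame):
    """Classify a frame by its addresses only; the payload is never decoded."""
    addrs = read_addresses(frame)
    if addrs is None:
        return "skipped"
    src, dst = addrs
    for net in RESTRICTED:
        if src in net or dst in net:
            return f"restricted: {src} -> {dst}"
    return "allowed"


if __name__ == "__main__":
    for f in (build_sample_frame("192.0.2.10", "203.0.113.5"),
              build_sample_frame("192.0.2.10", "198.51.100.7")):
        print(check_frame(f))
```

The recorded source address is what lets an administrator trace which machine on the network was talking to the restricted one.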
It is also possible to open the packets and decode the data inside. This can be a time-consuming process depending on the type of encoding on the data packet. With enough time and effort, it is often possible to retrieve the data inside. While it is possible to do this for legitimate reasons, such as debugging a new piece of networking software, this type of packet analyzer has several uses in hacking and identity theft as well.
Packet analyzers are a common tool for a digital thief. By intercepting and decoding packets, hackers can learn several things. One of the more common bits of information involves the addresses of internal network machines that may have lighter security than known machines. In addition, if the correct packets are stolen, it is possible to grab log-in information and e-mail addresses.