Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to a local are network that is not filtered or switched, the traffic can be broadcast to all computers contained in the same segment. This doesn’t generally occur, since computers are generally told to ignore all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic. The NIC is put into promiscuous mode, and it reads communications between computers within a particular segment. This allows the sniffer to seize everything that is flowing in the network, which can lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware or software solution.
A sniffer is also known as a packet analyzer.
While sniffers do not cause network damage, they have the potential to cause personal harm because they can allow a hacker to confiscate PINs, passwords and other confidential information, especially data that is in plain text. Sniffer users can even include co-workers who seek to benefit from unauthorized data searches within a work setting. This risk is compounded by the fact that a sniffer program is relatively inexpensive to purchase and easy to use.
There are ethical reasons to use sniffer software, such as when a network administrator monitors network traffic flow. Anti-sniff scans are useful when guarding against sniffer attacks, as are switched networks. However, when one considers how easy it is to obtain and use sniffer software for malicious reasons, its illegitimate use is a cause for concern.