Packet Sniffers | HowStuffWorks

Publish date: 2022-08-31

Packet Sniffers

Computer-network administrators have used packet sniffers for years to monitor their networks and perform diagnostic tests or troubleshoot problems. Essentially, a packet sniffer is a program that can see all of the information passing over the network it is connected to. As data streams back and forth on the network, the program looks at, or "sniffs," each packet. A packet is a part of a message that has been broken up.

Normally, a computer only looks at packets addressed to it and ignores the rest of the traffic on the network. But when a packet sniffer is set up on a computer, the sniffer's network interface is set to promiscuous mode. This means that it is looking at everything that comes through. The amount of traffic largely depends on the location of the computer in the network. A client system out on an isolated branch of the network sees only a small segment of the network traffic, while the main domain server sees almost all of it.

A packet sniffer can usually be set up in one of two ways:

Packets that contain targeted data are copied onto the hard disk as they pass through. These copies can then be analyzed carefully for specific information or patterns.

­When you connect to the Internet, you are joining a network maintained by your Internet service provider (ISP). The ISP's network communicates with networks maintained by other ISPs to form the foundation of the Internet. A packet sniffer located at one of the servers of your ISP would potentially be able to monitor all of your online activities, such as:

From this information, employers can determine how much time a worker is spending online and if that worker is viewing inappropriate material.

Desktop monitoring programs work differently than packet sniffers. They can actually monitor every single action you take with your computer.

ncG1vNJzZmibn6K9tsDEq2Whp6eowbayxbCmq6OjY7CwuY6wpqujoKGupLGMrKyrrpWeua2tzZyca2aYqbpteItlY2VkXA%3D%3D