The Evil Packet Sniffer By Eran Aharonovich At Isnare.com Ezine Articles

A "Packet Sniffer" is a utility that sniffs without modifying the network's packets in any way.

By comparison, a firewall sees all of a computer's packet traffic as well, but it has the ability to block and drop any packets that its programming dictates. Packet sniffers merely watch, display, and log this traffic.

One disturbingly powerful aspect of packet sniffers is their ability to place the hosting
machine's network adapter into "promiscuous mode." Network adapters running in promiscuous mode receive not only the data directed to the machine hosting the sniffing software, but also ALL of the traffic on the physically connected local network.

In order to view an entire network session you will have to reassemble the packets back into sessions.

To do so you will have to know deeply IP and TCP protocols.

Reassembling the packets is not an easy task because some packets are lost on the way and the others do not come at the right order, but once you do that you are capable to "read" the entire network.

After you have learnt to reassemble packets you will have the ability to develop several "evil" components:

1. One thing you can do is to read the outgoing and/or incoming emails. The email protocol is called SMTP and is sent via PORT 25.

2. Do not forget the FTP protocol ( PORT 21 ), it might come in handy.

3. Monitor the HTTP protocol ( port 80 ) which is the World Wide Web. By doing so you will know which websites have been visited, files that have been uploaded to the web or downloaded from the web, text that was sent and so on.

While those things are considered inappropriate and your colleagues will probably not like it, sometimes it is needed for security reasons.

If you are a programmer and you want to start exploring the subject then I suggest you start with my free basic TCP sniffer which is available for download here:

http://www.noviway.com/Code/Basic-TCP-Sniffer.aspx

Good luck and happy sniffing!

Published At: Isnare Free Articles Directory http://www.isnare.com
Permanent Link: http://www.isnare.com/?aid=106131&ca=Computers+and+Technology

Important Notice DISCLAIMER: All information, content, and data in this article are sole opinions and/or findings of the individual user or organization that registered and submitted this article at Isnare.com without any fee. The article is strictly for educational or entertainment purposes only and should not be used in any way, implemented or applied without consultation from a professional. We at Isnare.com do not, in anyway, contribute or include our own findings, facts and opinions in any articles presented in this site. Publishing this article does not constitute Isnare.com's support or sponsorship for this article. Isnare.com is an article publishing service. Please read our Terms of Service for more information.