Definition:
Packet sniffing is the process of intercepting and logging network traffic as it passes over a digital network.
Purpose:
Used for network diagnostics, but also exploited by attackers to capture sensitive data like passwords, emails, and files.
How it works:
- The sniffer listens to packets using promiscuous mode on a network interface.
- It can capture unencrypted data.
Tools: Wireshark, tcpdump, Ettercap
Risks:
- Data theft on unsecured networks (e.g., open Wi-Fi).
- Violation of privacy.
Prevention:
- Use encryption (HTTPS, VPN).
- Use switched networks instead of hubs.
- Monitor for unusual sniffing activity.