Solution

• Sniffers monitor and record raw data that passes through, over, or by a physical network interface.

• Network sniffer is tool that can help you locate network problems by allowing you to capture and view the packet level data on your network.

  • Uses of network Sniffers:
  • Capturing packets
  • Recording and analyzing traffic
  • Decrypting packets and displaying in clear text
  • Converting data to readable format
  • Showing relevant information like IP protocol, host or server name and so on
  • Catching password, which is the main reason for most illegal uses of sniffing tool
  • Capturing special and private information of transactions like username, credit ID, account, and password.

• They operate from a core part of a system’s networking stack, close to the hardware drivers that translate electrical impulses from a wired (or wireless) connection into packets.

• For example, a sniffer might tell an Ethernet interface to dump all traffic it sees rather than just watch for traffic addressed to the device’s address.

• Network interfaces are supposed to have a unique identifier tied to the device’s hardware.

• This identifier is the Media Access Control (MAC) address assigned to every interface.

• A device’s IP address may change depending on what network it’s connected to.

• For example, a laptop might have IP address 10.0.1.12 on a home network, 10.10.33.19 at a coffee shop, and 192.168.17.33 at work.

• Its MAC address remains the same across each network because the hardware hasn’t changed.

• Devices use the MAC address to negotiate data link layer connections.

• These are the connections that devices use to transfer higher-level protocols like TCP/IP. In order to join a network, a device broadcasts its MAC address, indicating that it wishes to communicate with someoneThey operate from a core part of a system’s networking stack, close to the hardware drivers that translate electrical impulses from a wired (or wireless) connection into packets.