In Understanding Packet Sniffers we talked about how they work and what their uses are. That’s all right, but unless you know some of the sniffing tools and how to prevent sniffing, the information is incomplete. Some of the common methods of sniffing are IP sniffing and MAC-based sniffing, which works well if IP filtering is not enabled or set, so the sniffer can capture all the data, commonly termed packets.
Some of the most commonly used sniffing tools are:
- Tcpdump
- Sniffit
- Hunt
- Dsniff
How to prevent packet sniffers?
We already discussed that packet sniffers are very hard to detect because they are passive, which means they sit in the background reading the network stream and never send out data. So unless we know a sniffer is there, we can’t find it. One of the major drawbacks of packet sniffers is that data they can’t understand is junk to them. So the best way is to make your data encrypted, but there are some more methods:
- Secure Socket Layer: It is used to encapsulate data with the help of digital certificates and digital signatures.
- IP Security: This method adds security at the packet level. Each packet has a header, containing the major information such as the address, which is encrypted.
- PGP and MIME: Commonly used in email services. As emails are stored for an extended period of time, it’s best to use them so the emails don’t land up in the wrong mailboxes.
- VPN or Virtual Private Network: VPNs are specially meant for providing encrypted data across the internet, so they are more secure, but if somebody hacks in, they can see the data even before it’s encrypted.
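The point that unreadable data is junk to a sniffer can be checked from the defender's side. The following is an added example, not part of the original post: it classifies captured payload bytes as readable cleartext, a TLS record, or opaque data, so you can see which flows still need encryption. The sample payloads, host name, function names and the 0.9 threshold are constructed assumptions.

```python
import math

# Constructed payloads: the first bytes of a segment as any passive listener sees them.
SAMPLES = {
    "http": b"GET /inbox HTTP/1.1\r\nHost: mail.example.test\r\nCookie: session=abc123\r\n\r\n",
    # TLS application-data record: type 0x17, version 0x0303, length 0x0020, 32 body bytes
    "tls": bytes.fromhex("1703030020") + bytes(range(7, 256, 8)),
    "opaque": bytes((i * 197 + 31) % 256 for i in range(64)),
}

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 to 8.0); encrypted data sits near the top."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII, tab, CR or LF."""
    if not data:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)

def looks_like_tls_record(data: bytes) -> bool:
    """TLS record header: content type 20-23, version 3.0-3.4, 2-byte length."""
    if len(data) < 5:
        return False
    length = int.from_bytes(data[3:5], "big")
    return 20 <= data[0] <= 23 and data[1] == 3 and data[2] <= 4 and 0 < length <= 16384 + 2048

def classify(data: bytes) -> str:
    if looks_like_tls_record(data):
        return "tls"
    if printable_ratio(data) >= 0.9:  # heuristic threshold, an assumption of this example
        return "cleartext"
    return "opaque"

def audit(samples: dict) -> list:
    """Names of flows whose payload a sniffer could read as-is."""
    return sorted(name for name, data in samples.items() if classify(data) == "cleartext")

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:7} {classify(data):9} entropy={shannon_entropy(data):.2f}")
    print("needs encryption:", audit(SAMPLES))
```

An "opaque" result only means the bytes are not readable text; it does not prove the flow is encrypted, so confirm it against the service's configuration.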
Packet sniffing is a pretty big topic, but my aim was to make you aware of it. If this post interests you in learning more about it, the best way is to Google it. I hope you enjoyed the post.