Fandom

The IT Law Wiki

Network sniffing

32,196pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definition

Network sniffing is

a passive technique that monitors network communication, decodes protocols, and examines headers and payloads to flag information of interest. Besides being used as a review technique, network sniffing can also be used as a target identification and analysis technique.[1]

Overview

Reasons for using network sniffing include the following:

Network sniffing has little impact on systems and networks, with the most noticeable impact being on bandwidth or computing power utilization. The sniffer — the tool used to conduct network sniffing — requires a means to connect to the network, such as a hub, tap, or switch with port spanning.[2]

Shortcomings

One limitation to network sniffing is the use of encryption. Many attackers take advantage of encryption to hide their activities — while assessors can see that communication is taking place, they are unable to view the contents. Another limitation is that a network sniffer is only able to sniff the traffic of the local segment where it is installed.

References

  1. NIST Special Publication 800-115, at 3-4.
  2. Id.

See also

Also on Fandom

Random Wiki