Packet Sniffers

Prepared By:-

M.Ravi Teja Reddy

CSE -2

MVSR engineering college

2

Index

Introduction Types of environment Varieties of packet sniffers What is it used for Components Working Applications Disadvantages Types of softwares available

INTRODUCTION

A packet sniffer is a software application that uses a network adapter card in promiscuous mode to capture all network packets.

The feature of packet sniffers is:- Packet sniffers exploit information passed in clear text. Protocols that pass information in the clear include the following:

Telnet FTP SNMP POP

Host A Host BRouter A Router B

• 04/13/2023

Varieties of packet sniffers

• Today, sniffers exist in two broad varieties: • The first is a stand-alone product incorporated into a

portable computer • The second is part of a larger package of network-

monitoring hardware and software

• Basically Commercial packet sniffers are used to help maintain networks.

• Underground packet sniffers are used to break into computers.

04/13/2023

• Used to debug communication between a client and a server.

• Help in identifying who is communicating with whom and what data is sent and received over the network.

• Used in monitor how a network as used and

also used to monitor network users.

• Used to make network more secure - In order to come through to your network, it must pass through the packet sniffer.

04/13/2023

• Used in identify network problems before they become serious.

• This lets the packet sniffers see all data traffic on the network segment to which they're attached

• For this to happen sniffer must be located within the same network block (or net of trust) as the network it is intended to sniff, sniffer could be placed anywhere within that block

Applications:1. Analysing the band with used.

2. Determining the hackers if any are trying to access .

3. Know the ip address of different systems connected to your system

4. Analyse the traffic flowing through the network

04/13/2023

Disadvantages:-

• Configuring your network device to read all network packets that arrive which might contain trojan horses, you might also open doors to allow intruders access to your confidential data and network files.

Packet sniffer softwares available in the market are :

1. Wire shark

2. Net stumbler

3.Packet sniffer

4. Microsoft Network Monitor etc..

• 17

Wire shark :• Wire shark is the world's foremost network protocol

analyzer. • It is the de facto (and often de jure) standard across

many industries and educational institutions.

• It lets you capture the traffic and browse it on a computer network.

• Lets be specific about this software and observe the process ……….

04/13/2023

Features of Wireshark:

• Available for UNIX and Windows.

• Capture live packet data from a network interface.

• Display packets with very detailed protocol information.

• Saves captured packet data.

• Import and Export packet data from and to a lot of other capture programs.

04/13/2023

• Filter packets on many criteria.

• Search for packets on many criteria

• Colorize packet display based on filters.

• Create various statistics

04/13/2023

Wireshark does not provide:

• It will not warn you when someone does strange things on your network that he/she isn't allowed to do. But wireshark might help you figure out what is really going on.

• Wireshark will not manipulate things on the network, it will only "measure" things from it.

Now its time for us to have a glance at the sample C code of a packet sniffer

Screen shots:

25

26

References:-

www.Packet-sniffer.net

www.wireshark.org

www.Wikipedia.org

And many more…

27

Thank you!!!

Any questions?