

A packet sniffer is usually used to analyze network traffic. A packet sniffer (or simply “sniffer”) works by configuring the NIC to operate in a mode called “promiscuous” mode. Without going into that mode, Ethernet network interface cards normally work in a “filter” mode that ignores all traffic that isn’t addressed to them. By working in “promiscuous” mode, we allow the capture of ANY frame that is transmitted on the wire, even if it is not destined for that NIC.

With that said, a packet sniffer is actually a wire-tap device that plugs into a computer network and eavesdrops on the network traffic.

Note: The word “sniffer” is a registered trademark of Network Associates referring to the “Sniffer(r) Network Analyzer”. However, the term “sniff” is used in many other products (some of which are listed in this document) and the term “sniffer” is more popular in everyday usage than alternatives like “protocol analyzer” or “network analyzer”.

Typical uses of packet sniffer programs include:

- Automatic sifting of clear-text passwords and usernames from the network. Used by hackers/crackers in order to break into systems.
- Conversion of data to human-readable format so that people can read the traffic.
- Fault analysis to discover problems in the network, such as why computer A can’t talk to computer B.
- Performance analysis to discover network bottlenecks.
- Network intrusion detection in order to discover hackers/crackers.
- Network traffic logging, to create logs that hackers can’t break into and erase.

You can read more about sniffers in the (old but still relevant) Sniffing (network wiretap, sniffer) FAQ (see link below).

So, what freeware packet sniffers do I use? The answer is simple. I use the packet sniffer program I am most used to, and the one that gives me the most flexibility for my specific tasks and needs. That means that, usually, I can get along with just one or two programs. I’ve tried to list some of these, but more exist, and if you feel that I left any out, please email me and I’ll upload it to this article.

Microsoft Network Monitor 3.2

Ever since the Windows NT 4.0 version, Microsoft has had a nice (but quite limited) packet sniffer called Network Monitor. Well, the days of the old and limited Netmon are over with the advent of the new generation of Netmon.
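The difference between a NIC's normal “filter” mode and “promiscuous” mode, as an added example that is not part of the original article: it models the receive decision for a raw Ethernet frame and shows a host-side check for the promiscuous flag. The MAC addresses and frame are constructed samples, and the Linux sysfs path and `IFF_PROMISC` bit are an assumption of a Linux host (the article itself discusses Windows tools).

```python
import struct

IFF_PROMISC = 0x100  # Linux interface flag bit (assumption: Linux host)
BROADCAST = bytes.fromhex("ffffffffffff")

def parse_ethernet(frame: bytes):
    """Return (dst_mac, src_mac, ethertype) from a raw Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    return struct.unpack("!6s6sH", frame[:14])

def nic_accepts(frame: bytes, nic_mac: bytes, promiscuous: bool,
                multicast_groups=frozenset()) -> bool:
    """Decide whether the NIC passes the frame up to the host."""
    dst, _, _ = parse_ethernet(frame)
    if promiscuous:
        return True                 # every frame on the wire is captured
    if dst == nic_mac or dst == BROADCAST:
        return True                 # addressed to this NIC, or to everyone
    if dst[0] & 0x01:               # group bit set: multicast destination
        return dst in multicast_groups
    return False                    # unicast for another station: ignored

def is_promiscuous(flags_text: str) -> bool:
    """Interpret the contents of /sys/class/net/<iface>/flags, e.g. '0x1103'."""
    return bool(int(flags_text.strip(), 16) & IFF_PROMISC)

def mac(text: str) -> bytes:
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

# Constructed sample: host A's NIC sees a frame addressed to host B.
NIC_A = mac("02:00:00:00:00:0a")
NIC_B = mac("02:00:00:00:00:0b")
FRAME_TO_B = NIC_B + mac("02:00:00:00:00:0c") + b"\x08\x00" + b"payload"

if __name__ == "__main__":
    print("filter mode:     ", nic_accepts(FRAME_TO_B, NIC_A, promiscuous=False))
    print("promiscuous mode:", nic_accepts(FRAME_TO_B, NIC_A, promiscuous=True))
    print("flags 0x1103:    ", is_promiscuous("0x1103"))
```

An interface that reports the promiscuous bit when no capture tool is expected to be running is worth investigating, since it means the host is receiving traffic not addressed to it.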
