Sniffer Attacks

               Sniffing captures packets sent over a network with the intent of
               analyzing the packets. A sniffer (also called a packet analyzer or

               protocol analyzer) is a software application that captures traffic
               traveling over the network. Administrators use sniffers to analyze
               network traffic and troubleshoot problems.

               Of course, attackers can also use sniffers. A sniffer attack (also called a
               snooping attack or eavesdropping attack) occurs when an attacker
               uses a sniffer to capture information transmitted over a network. They
               can capture and read any data sent over a network in clear text,

               including passwords.

               Wireshark is a popular protocol analyzer available as a free download.
               Figure 14.4 shows Wireshark with the contents of a relatively small
               capture, and demonstrates how attackers can capture and read data
               sent over a network in cleartext.






































               FIGURE 14.4 Wireshark capture


               The top pane shows packet 260 selected and you can see the contents
               of this packet in the bottom pane. It includes the text User: