Today I'm going to talk about sniffing, which is a method hackers use to hack
your computer and steal your private data, and how to protect yourself from
this kind of attack, so read carefully.
What is Sniffing?
Sniffing is a data interception technique; the word itself is a computer network
hacker term. On Ethernet networks data is sent in data packets. The packet
includes the address it is being sent to, the data being sent, and the address it came
from. Hackers are able to use a "sniffing" program to intercept those packets
of data and read them.
What is a Sniffer?
A sniffer is a piece of software that grabs all of the traffic flowing into and
out of a computer attached to a network. They are available for several
platforms in both commercial and open-source variations. Some of the simplest
packages are actually quite easy to implement in C or Perl, use a command
line interface and dump captured data to the screen. More complex projects
use a GUI, graph traffic statistics, track multiple sessions and offer several
configuration options. Sniffers are also the engines for other programs.
Intrusion Detection Systems (IDS) use sniffers to match packets against a
rule-set designed to flag anything malicious or strange.
Network utilization and monitoring programs often use sniffers to gather data
necessary for metrics and analysis. Law enforcement agencies that need to
monitor email during investigations likely employ a sniffer designed to
capture very specific traffic. Knowing that sniffers simply grab network data,
let’s see how they work.
How does the Sniffer work?
Before we can explore how a sniffer operates, it may be helpful to examine
what enables the tool to work. During normal tasks such as Web surfing and
messaging, computers are constantly communicating with other
machines. Obviously, a user should be able to see all the traffic traveling to
or from their machine. Most PCs, however, are on a Local Area Network (LAN),
meaning they share a connection with several other computers. If the
network is not switched (a switch is a device that filters and forwards packets
between segments of the LAN), the traffic destined for any machine on a
segment is broadcast to every machine on that segment. This means that a
computer actually sees the data traveling to and from each of its neighbors,
but ignores it, unless otherwise instructed.
How to protect yourself from sniffing?
If you're a network technician or administrator and you want to see if anyone
on your network is using a sniffer tool, check out a tool called Antisniff.
Antisniff can detect if a network interface on your network has been put into
'promiscuous mode' (don't laugh, that's the actual name for it), which is the
required mode for packet capture tasks.
Another way to protect your network traffic from being sniffed is to
use encryption such as Secure Sockets Layer (SSL) or Transport Layer Security
(TLS). Encryption doesn't prevent packet sniffers from seeing source and
destination information, but it does encrypt the data packet's payload so that
all the sniffer sees is encrypted gibberish. Any attempt to modify or inject
data into the packets would likely fail since messing with the encrypted data
would cause errors that would be evident when the encrypted information was
decrypted at the other end.
Sniffers are great tools for diagnosing down-in-the-weeds network problems.
Unfortunately, they are also useful for hacking purposes. It's
important for security professionals to familiarize themselves with these
tools so they can see how a hacker might use them against their network.