This question is one that I do get very rarely, although I know that there are a few of you security-savvy computer users like myself out there who would love to know exactly what the term “Sniffer” refers to.

A “sniffer” is a software program, which can be either command-line or GUI based. It is used to monitor every single data packet that travels through a specific network interface on the computer on which it is running.

For example, suppose you decide to run Wireshark (formerly Ethereal) on your computer whilst connected to your home network. Wireshark is a network sniffer. When you run this software, you must select the network device on which you would like to observe packet data. Say you were connected to your home network wirelessly using a Broadcom wireless device, which was named “Wlan0” on your computer: you would run Wireshark, select the capture device “Wlan0”, and then click the “Start Capture” button at the top of the software window, which would begin capturing all of the data packets sent across your wireless device.

Knowing which data packets are flowing across a wireless device that is connected to a home network without internet access is rather pointless. If, however, you were connected to the internet, or you were running a web server on the computer you are running Wireshark on, you would be much more likely to detect an attack and shut down your server to prevent any damage from the attack.
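What a sniffer does with each packet it captures, shown as an added example that is not part of the original post: it decodes the raw bytes of a frame into addresses, ports and TCP flags. The frame below is constructed inline (documentation IP addresses, zeroed checksums), and the function names are assumptions of this example.

```python
import socket
import struct

TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]

def build_sample_frame():
    """Constructed sample, not real traffic: a TCP SYN sent to a web server on port 80."""
    eth = bytes.fromhex("020000000002" "020000000001" "0800")  # dst MAC, src MAC, IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.20"))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)
    return eth + ip + tcp

def decode_frame(frame):
    """Summarise an Ethernet/IPv4/TCP frame; return None if truncated or another protocol."""
    if len(frame) < 14:
        return None
    _dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:            # only IPv4 is decoded here
        return None
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4           # IPv4 header length in bytes
    if ihl < 20 or ip[9] != 6 or len(ip) < ihl + 20:   # protocol 6 = TCP
        return None
    sport, dport, _seq, _ack, _off, flags = struct.unpack("!HHIIBB", ip[ihl:ihl + 14])
    return {
        "src_mac": src_mac.hex(":"),
        "src": socket.inet_ntoa(ip[12:16]),
        "dst": socket.inet_ntoa(ip[16:20]),
        "sport": sport,
        "dport": dport,
        "flags": [name for bit, name in TCP_FLAGS if flags & bit],
    }

if __name__ == "__main__":
    print(decode_frame(build_sample_frame()))
```
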

I am sure that this has enlightened you as to the meaning of the term “Sniffer”. You are now one step closer to knowing how to secure your network.
