Sniffing

Sniffing

Data is transmitted over the network in the form of datagrams (packets).These packets contain all the information including the login names,passwords, etc. Ethernet is the most widely used forms of networking computers. In such networks the data packets are sent to all the systems over the network. The packet header contains the destination address for the packet. The host receiving the data packets checks the destination address for the received packet. If the destination address for the packet matches with the hosts IP address the datagram will be accepted else it will be discarded.

                                                 

Packet sniffers accept all the packets arrived at the host regardless of its destination IP address. So installing packet sniffer on a system in Ethernet we can monitor all the data packets moving across the network.

The data may even include the login names and passwords of the users on the network. Not only that sniffing can also reveal some valuable information about the version numbers of the services running on the host, operating system being used, etc.

**NetworkActiv Sniffer is freeware tool available for download at http://www.networkactiv.com. The following is the data contained in a packet, captured over my network. (For security reasons I’ve edited the addresses).

HTTP/1.1 301 Moved Permanently

Content-Length: 150

Content-Type: text/html

Location: http://XXX.XXX.XXX.XXX/new/

Server: Microsoft-IIS/6.0

Date: Wed, 12 Mar 200X 08:17:56 GMT

<head><title>Document Moved</title></head>

<body><h1>Object Moved</h1>This document may be found <a

HREF="http://XXX.XXX.XXX.XXX/new/">here</a></body>

From this we can understand that the source system for the packet has a

Microsoft Operating System installed and is running IIS 6.0 (the

operating system might possibly be Windows 2003 Server as it has IIS

6.0 running).