Packet+Sniffing

=Packet Sniffing= Author: Jing Liong

Essentially a packet sniffer, also known as a network monitor or network analyzer, is a computer software or a hardware that can see all of the information passing over the network it is connected to and log information. As data streams back and forth on the network, the program, decodes (if needed) and "sniffs" the content and packet. On a computer without a Packet Sniffer program, it would only look at packets that is addressed to it, and ignores the rest. However, when this software or hardware is set to the computer, the sniffer's network interface is set to promiscuous mode. This means that the computer is looking at all information that passes the computer; the amount of packets "sniffed" depends on the location of the computer in the network.

How does Packet Sniffing Work?
When you are on the Internet, you are joining a network maintained by your ISP. The ISP's network interacts with other networks maintained by other ISPs to form the foundation of the internet. A packet sniffer located at one of the servers of your ISP would potentially be able to monitor all of your online activities, such as:
 * What's in the e-mail you send
 * What you look at on the site
 * What you download from a site
 * Which Web sites you visit
 * What streaming events you use, such as audio, video and Internet telephony
 * Whom you send e-mail to
 * Who visits your site (if you have a Web site)

Filter Packet Sniffing
When the packet sniffer is set to "filtered", the computer only looks at data with specific data elements that is set to the program / hardware. Packets that contain targeted data are copied as they pass through. The program stores the copies in memory or on a hard drive, depending on the program's configuration. These copies can then be analyzed carefully for specific information or patterns.

**Good Packet Sniffers**
=== Though Packet Sniffing may sound illegal and against the law, there are also people that use it for legalized action. One example of this is the FBI, this federation utilized packet sniffing in it's Carnivore System. When the FBI suspects a person or parties of criminal activity, and when they have a court order, they would perform a full-content wire tap of e-mail traffic, and etc. Other Packet sniffers could also use this program or hardware, to monitor and maintain this network or even fix technological issues. ===

**Bad Packet Sniffers**
===** An illegal packet sniffer is used by a hacker to gain unauthorized access to sensitive information and data on a network. If downloaded illegally, it would be installed without the knowledge of the IT administrator, and hides in different areas of the network for the purpose of spying on and stealing the packets of data the pass over the network. **===

Reference
