Sniffing attack
From Wikipedia, the free encyclopedia
Sniffing attack in context of network security, corresponds to theft or interception of data by capturing the network traffic using a packet sniffer (an application aimed at capturing network packets). When data is transmitted across networks, if the data packets are not encrypted, the data within the network packet can be read using a sniffer.[1] Using a sniffer application, an attacker can analyze the network and gain information to eventually cause the network to crash or to become corrupted, or read the communications happening across the network.[2]
Sniffing attacks can be compared to tapping of phone wires and intercepting the conversation. For this reason, it is also referred as wiretapping applied to computer networks. Using sniffing tools, attackers can sniff sensitive information from a network, including email (SMTP, POP, IMAP), web (HTTP), FTP (Telnet authentication, FTP Passwords, SMB, NFS) and many more types of network traffic. The packet sniffer usually sniffs the network data without making any modifications in the network's packets. Packet sniffers can just watch, display, and log the traffic, and this information can be accessed by the attacker.[3]