Ethereal Packet Sniffing | Search for a title, author or keyword | ||||||||
Ethereal Packet Sniffing by Angela Orebaugh et al. 2004. The terms sniffing and eavesdropping have often been associated with this practice, capturing valuable, confidential information. However, sniffing is now becoming a non-negative term and most people use the terms sniffing and network analysis interchangeably. Using a sniffer in an illegitimate way is considered a passive attack. It does not directly interface or connect to any other systems on the network. However, the computer that the sniffer is installed on could have been compromised using an active attack. The passive nature of sniffers is what makes detecting them so difficult. For sniffing to occur, an intruder must first gain access to the communication cable of the systems that are of interest. This means being on the same shared network segment, or tapping into the cable somewhere between the path of communications. Sniffing programs are included with most rootkits that are typically installed on compromised systems. Rootkits are used to cover the tracks of the intruder by replacing commands and utilities and clearing log entries. They also install other programs such as sniffers, key loggers, and backdoor access software.
|
|||||||||
Ethereal Packet Sniffing | Disclaimer: this link points to content provided by other sites. |