Josh_Hacking

Lesson
Detailed Info

Sniffing Attacks

Sniffing is the process of monitoring and capturing all data packets that are passing through a computer network using packet sniffers. Packet Sniffers are used by network administrators to keep track of data traffic passing through their network. These are called network protocol analyzers. In the same way, malicious attackers employ the use of these packet sniffing tools to capture data packets in a network.

Data packets captured from a network are used to extract and steal sensitive information such as passwords, usernames, credit card information, etc. Attackers install these sniffers in the system in the form of software or hardware. There are different types of sniffing tools used and they include Wireshark, Ettercap, BetterCAP, Tcpdump, WinDump, etc.

The Difference Between Sniffing and Spoofing

In sniffing, the attacker listens into a networks’ data traffic and captures data packets using packet sniffers. In spoofing, the attacker steals the credentials of a user and uses them in a system as a legitimate user.

Spoofing attacks are also referred to as man-in-the–middle attacks since the attacker gets in the middle of a user and a system.

Types of Sniffing

There are two types of sniffing attacks, active sniffing and passive sniffing.

Active sniffing – this is sniffing that is conducted on a switched network. A switch is a device that connects two network devices together. Switches use the media access control (MAC) address to forward information to their intended destination ports. Attackers take advantage of this by injecting traffic into the LAN to enable sniffing.
Passive sniffing – passive sniffing uses hubs instead of switches. Hubs perform the same way as switches only that they do use MAC address to read the destination ports of data. All an attacker needs to do is to simply connect to LAN and they are able to sniff data traffic in that network.

Sniffing is detrimental to the user or a network system since a hacker can sniff the following information: email traffic, FTP passwords, web traffics, telnet passwords, router configuration, chat sessions, DNS traffic, etc.

How to Prevent Sniffing Attacks

Untrusted networks: users should avoid connecting to unsecured networks, which includes free public Wi-Fi. These unsecured networks are dangerous since an attacker can deploy a packet sniffer that can sniff the entire network. Another way an attacker can sniff network traffic is by creating their own fake–free public Wi-Fi.

Complete the task https://inetsecurity.net.in/adminpage/vulnerabilities/sniffing/index.php

Install WireShark in your windows, if you dont have kali linux.