Network Analyzer Tools Overview

The document discusses packet sniffing, defining it as the act of capturing data packets over a computer network, and categorizes it into active and passive sniffing. It outlines various network analyzer tools such as Wireshark, Tcpdump, and Snort, detailing their features and platforms. Additionally, it highlights the advantages and disadvantages of packet sniffing, as well as ethical considerations regarding illicit packet sniffing.

Uploaded by thorat_496512597
Copyright: © All Rights Reserved

Experiment no. 2

Aim: To study various network analyzer tools (Virtual lab experiment)

Theory:

What is Packet Sniffing?

When data is transmitted over a computer network, it is broken down at the sender's
node into smaller units called data packets and reassembled into its original format at
the receiver's node. A data packet is the smallest unit of communication over a
computer network. It is also called a block, a segment, a datagram or a cell. The act of
capturing data packets across the computer network is called packet sniffing. Network
sniffing can be categorized mainly into active and passive sniffing:

1) Active Sniffing:

· In this sniffing type, the attacker directly interacts with the target machine by
sending packets and receiving responses.

· This sniffing is carried out through a switch. In this type, the attacker tries to
poison the switch by sending bogus MAC addresses.

· Examples of active sniffing: ARP spoofing, MAC flooding, HTTPS and SSH
spoofing, DNS spoofing, etc.

2) Passive Sniffing:

· In this sniffing type, the attacker does not interact with the target. He/she simply
hooks on to the network and captures packets transmitted and received by the
network or exchanged between two machines.

· This sniffing is carried out through a hub. The attacker connects to the hub from
his/her machine. The attacker needs an account on the LAN.

· Examples of passive sniffing: hub-based networks or wireless networks.

What is a Packet Sniffer?

Packet sniffing is done using tools called packet sniffers. Sniffing can be either
filtered or unfiltered. Filtered sniffing is used when only specific data packets have to
be captured, and unfiltered sniffing is used when all the packets have to be captured.
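The difference between filtered and unfiltered capture can be seen in a small decoder. This is an added example, not part of the original document: the frames are constructed sample data, and the names `build_frame`, `decode`, `capture` and `is_http` are hypothetical.

```python
import socket
import struct

PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}

def build_frame(src_ip, dst_ip, proto, sport, dport):
    """Build a minimal Ethernet/IPv4 frame (constructed sample data, checksums zero)."""
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * 4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + l4

def decode(frame):
    """Return protocol, source and destination of an IPv4 frame, or None."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None                      # truncated or not IPv4
    ihl = (frame[14] & 0x0F) * 4         # IPv4 header length in bytes
    if ihl < 20:
        return None                      # malformed header
    pkt = {"proto": PROTO_NAMES.get(frame[23], str(frame[23])),
           "src": socket.inet_ntoa(frame[26:30]),
           "dst": socket.inet_ntoa(frame[30:34]),
           "sport": None, "dport": None}
    l4 = frame[14 + ihl:]
    if pkt["proto"] in ("tcp", "udp") and len(l4) >= 4:
        pkt["sport"], pkt["dport"] = struct.unpack("!HH", l4[:4])
    return pkt

def capture(frames, packet_filter=None):
    """Unfiltered when packet_filter is None; otherwise keep only matching packets."""
    decoded = [p for p in map(decode, frames) if p is not None]
    if packet_filter is None:
        return decoded
    return [p for p in decoded if packet_filter(p)]

def is_http(p):
    """Example filter: TCP traffic to destination port 80."""
    return p["proto"] == "tcp" and p["dport"] == 80

# Constructed sample traffic
FRAMES = [
    build_frame("10.0.0.5", "10.0.0.9", 6, 44321, 80),
    build_frame("10.0.0.5", "10.0.0.1", 17, 5353, 53),
    build_frame("10.0.0.7", "10.0.0.9", 6, 50000, 22),
]

if __name__ == "__main__":
    print(len(capture(FRAMES)), "packets unfiltered")
    for p in capture(FRAMES, is_http):
        print("filtered:", p)
```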

How to prevent packet sniffing:

· Encrypting data you send or receive.

· Using trusted Wi-Fi networks.


· Scanning your network for dangers or issues.
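Scanning a network for issues includes watching for signs of the active sniffing techniques listed earlier, ARP spoofing and MAC flooding. The following is an added example, not part of the original document: the observations are constructed, and the function names, the 1-second window and the 100-address limit are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

# Constructed ARP reply observations: (seconds, sender_mac, sender_ip)
ARP_REPLIES = [
    (0.0, "02:00:00:00:00:01", "192.0.2.1"),
    (1.0, "02:00:00:00:00:05", "192.0.2.5"),
    (2.0, "02:00:00:00:00:66", "192.0.2.1"),  # same IP now claimed by another MAC
    (3.0, "02:00:00:00:00:05", "192.0.2.5"),
]

# Constructed switch observations: (seconds, port, source_mac)
SWITCH_FRAMES = [(i * 0.003, "p3", f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}")
                 for i in range(150)]
SWITCH_FRAMES += [(0.1, "p1", "02:00:00:00:aa:01"), (0.2, "p1", "02:00:00:00:aa:02")]

def find_arp_conflicts(replies):
    """Report IPs whose claimed MAC differs from the first binding seen."""
    baseline, alerts = {}, []
    for ts, mac, ip in sorted(replies):
        known = baseline.setdefault(ip, mac)   # first binding is the baseline
        if known != mac:
            alerts.append((ts, ip, known, mac))
    return alerts

def find_mac_floods(frames, window=1.0, limit=100):
    """Report ports showing more than `limit` distinct source MACs within `window` seconds."""
    recent = defaultdict(deque)                # port -> (ts, mac) inside the window
    flagged = set()
    for ts, port, mac in sorted(frames):
        q = recent[port]
        q.append((ts, mac))
        while ts - q[0][0] > window:           # drop observations older than the window
            q.popleft()
        if len({m for _, m in q}) > limit:
            flagged.add(port)
    return sorted(flagged)

if __name__ == "__main__":
    for ts, ip, old, new in find_arp_conflicts(ARP_REPLIES):
        print(f"t={ts}: {ip} moved from {old} to {new}")
    print("ports with MAC flooding:", find_mac_floods(SWITCH_FRAMES))
```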

Advantages:

· Network troubleshooting

· Security analysis

· Network optimization

· Protocol analysis

Disadvantages:

· Privacy violations

· Legal issues

· Resource usage

· Complexity

What is illicit packet sniffing?


Illicit packet sniffing refers to the unauthorized interception and capture of data packets
that travel across a network. This practice is illegal when done without permission and
can compromise the confidentiality, integrity, and privacy of sensitive data being
transmitted over a network. Packet sniffing tools are often used to monitor network
traffic, but when used without consent, they can violate privacy laws and lead to serious
cybersecurity threats, such as data theft, identity theft, or espionage.

There are various techniques and tools that can be used for packet sniffing, such as
Wireshark, tcpdump, and others. In an ethical context, network administrators use
packet sniffing tools to monitor the health of a network, detect security vulnerabilities,
and troubleshoot issues.

Network Analyzer Tools:


1. Wireshark:

· Description: One of the most widely used packet sniffing tools. Wireshark allows
you to capture and analyze the traffic over a network. It provides detailed
information about packets, including protocol, source, and destination.

· Platform: Windows, macOS, Linux

· Features: Deep packet inspection, powerful filtering, protocol decoding, and real-
time traffic analysis.

2. Tcpdump:

· Description: A command-line tool for packet capturing. Tcpdump is very
lightweight and provides a simple way to capture and display network traffic.

· Platform: Linux, macOS, Windows (via Cygwin)

· Features: Simple, efficient, supports filters, and is often used for troubleshooting
and analysis.

3. Tshark:

· Description: A command-line version of Wireshark. It offers similar features but
without the graphical interface, making it a good choice for automated or remote
packet sniffing.

· Platform: Windows, macOS, Linux

· Features: Similar to Wireshark but for command-line environments.

4. NetFlow Analyzer:

· Description: Primarily used for analyzing and monitoring network flows rather
than raw packet data. It's useful for network performance management and
understanding traffic patterns.

· Platform: Windows, Linux

· Features: Flow analysis, reporting, and network traffic insights.

5. Kismet:

· Description: A wireless network detector, sniffer, and intrusion detection system.
It works with Wi-Fi networks and can detect hidden networks and capture traffic
from wireless communications.

· Platform: Linux, macOS, Windows (via Cygwin)

· Features: Wireless network detector and sniffer, captures and analyzes Wi-Fi
traffic, detects hidden networks and supports GPS mapping.

6. Snort:

· Description: A network intrusion detection system (NIDS) and packet sniffer.
Snort is often used to detect and log suspicious activities on a network, but it can
also be used for packet sniffing.

· Platform: Windows, Linux, macOS

· Features: Network Intrusion Detection System (NIDS), analyzes traffic for
suspicious activities, uses rule-based detection to identify threats.

Conclusion:
We studied various network analyzer tools successfully.
