Internet eavesdropping, network diagnostic and more
By Red Squirrel
Capture in progress...
Once a capture is stopped you get the main window where you can click on a packet and dissect it to get more information. Ethereal understands quite a few protocols so it also gives you information based on the protocol used for that packet, such as HTTP, FTP, etc. Click the image below for larger version.
What's really nice is all the filter options. Also, you can follow a tcp stream - so you can see the conversation between a client and a server during that time frame starting from the connection to the disconnection.
In most cases, you would run a packet sniffer on your computer and it would sniff both incoming and outgoing packets to that computer. But on a network with a hub, you would also receive packets from/to other computers. This is why a switched network is much more private, because packets are sent to your computer only, and when you send packets they are sent only to the destination computer. So for someone to eavesdrop on you they'd have to either plug in a computer acting as a gateway, with the sniffer, or they'd have to replace the switch with a hub and hook up the packet sniffing machine to the hub.
On the next page we'll take a closer look at how packet sniffers can be beneficial, such as in diagnosing network problems.
This site best viewed in a W3C standard browser at 800*600 or higher
Site design by Red Squirrel | Contact
© Copyright 2019 Ryan Auclair/IceTeks, All rights reserved