How To Protect Your Packet Data
Network packets: Data that is split into chunks (packets) and sent between your computer and a router, containing all the data you receive and send out.
Packet capture: The act of downloading packets to read them as plain text.
Packet sniffing: The use of software to download and capture many or all packets being transferred over a network, usually to find sensitive data such as passwords and credit card information on public networks.
There are 3 categories of packet sniffing; this post focuses on type I: white hat/no encrypted data. To start off, packet sniffing is not all bad. It can be very useful for detecting a variety of problems on networks, such as someone using your Internet, twin IP address errors and more.
- How is Packet Sniffing Performed?
Packet sniffing is made easy today with software such as Wireshark. For type I packet sniffing you must have access to a network, preferably your own (some legal issues occur on public networks). To start packet sniffing you then need a packet analyzer such as Wireshark. Once Wireshark is up and running, select the device you would like to start sniffing packets on; most likely this will be the one labeled ethernet1. Once the device is selected you can start scanning, and a list of packets will start popping up showing all the activity on the network. Once someone has gotten this far they’re basically done with type I: all they have to do is right-click on the packet, then click read. Any data transmitted in plaintext is open to their eyes, so be careful on public networks.
Besides the obvious black hat implications of packet sniffing, there are a lot of scenarios where it can be very useful, such as analyzing network problems, detecting network intrusion attempts, gathering and reporting network statistics, monitoring data in motion and filtering suspect content from network traffic. Mr. Meyer (the IT guy at my school) most likely sniffs packets at our school to monitor traffic. This is probably automated by software that searches for certain keywords in the packets and then notifies Mr. Meyer when these keywords appear.
Type I packet sniffing is not what you have to worry about when it comes to invasion of information, because type I deals with unencrypted, plaintext information. The majority of Internet activity with sensitive data is encrypted (that’s what the ‘s’ after http means) when you’re on a website. If you use a mainstream e-mail service like Gmail or Yahoo, the e-mails are encrypted when sent through the network, so they’re safe from type I packet sniffing.
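The keyword-based monitoring and the plaintext-versus-encrypted distinction described above, as an added example that is not from the original post and is meant for auditing your own network. The pattern set, function names and sample payloads are all constructed for illustration; the report names the kind of exposure and never the value itself.

```python
import re

# Keyword patterns for data that should never cross a network unencrypted.
# (Assumed pattern set for illustration; extend it for your own protocols.)
CLEARTEXT_PATTERNS = {
    "http-basic-auth": re.compile(rb"^Authorization:\s*Basic\s+\S+", re.I | re.M),
    "http-form-password": re.compile(rb"(?:^|[&?\r\n])(?:password|passwd|pwd)=[^&\s]+", re.I),
    "ftp-or-pop3-password": re.compile(rb"^PASS\s+\S+", re.M),
}


def looks_like_tls(payload: bytes) -> bool:
    """True if the payload starts with a TLS record header:
    content type 20-23, then protocol version 3.0 through 3.4."""
    return (len(payload) >= 5 and 20 <= payload[0] <= 23
            and payload[1] == 3 and payload[2] <= 4)


def audit_payload(payload: bytes) -> list:
    """Return the names of the plaintext exposures found, never the values."""
    if looks_like_tls(payload):
        return []  # encrypted: only ciphertext is visible on the wire
    return sorted(n for n, rx in CLEARTEXT_PATTERNS.items() if rx.search(payload))


def audit_capture(packets) -> dict:
    """packets: iterable of (label, payload). Returns {label: findings} for flagged packets."""
    report = {}
    for label, payload in packets:
        findings = audit_payload(payload)
        if findings:
            report[label] = findings
    return report


# Constructed sample payloads (not real traffic).
SAMPLE_PACKETS = [
    ("http login form", b"POST /login HTTP/1.1\r\nHost: intranet.example\r\n\r\n"
                        b"user=alice&password=example-only"),
    ("ftp login", b"PASS example-only\r\n"),
    ("https page", bytes([0x17, 0x03, 0x03, 0x00, 0x20]) + bytes(range(32))),
    ("plain page fetch", b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
]

if __name__ == "__main__":
    for label, findings in audit_capture(SAMPLE_PACKETS).items():
        print(f"{label}: plaintext exposure -> {', '.join(findings)}")
```

Anything this flags on your own network is a service to move to an encrypted equivalent (HTTPS, SFTP or FTPS).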
Type I packet sniffing can be useful for analyzing network problems, and that’s the only thing I see it used for, or at least its main use. Many times people will see type I packet sniffing and think they’re hacking or doing something illegal, but not really. There are some times where you could use type I for malicious use, but these events are very rare. I have never actually performed type I packet sniffing in a scenario that was actually useful. There are often other ways to diagnose network issues that are more automated and easier to do, so type I packet sniffing is not commonly used, and therefore the other categories of packet sniffing are what everybody else hears about.