Some of you may have heard of packet sniffing before reading this article.
For everyone else, it is actually a really simple topic; it just has advanced uses in the worlds of both black hat and white hat hackers.
Packet sniffing is when you capture the packets that are traveling either over the internet or on a local network and analyze their contents.
You might be asking yourself what the big deal is, since your browser and the other programs on your computer do this all of the time.
Well, it is a big deal because you are able to see a lot more of the packet’s information when you are analyzing it than you can when you are using a browser.
When you are analyzing a packet, you are usually looking for more than just the data that is inside of it.
You are also looking for clues about who sent it and where it came from.
In this article, I will discuss both what goes on inside of a packet and the tools that you can use to analyze one.
After that I will show how packet analysis can help keep your network safe.
What Is Inside Of A Packet?
A data packet that is traveling on the internet is usually very small, but it is able to hold a lot of information.
Like many things in computing, it has many different layers that you have to peel off to find out what is really going on.
Inside of the packet we of course have the data that we are transmitting.
That is usually a mixture of data that may include a few words of a sentence that you were writing or a piece of the image that you are sending.
There is not going to be much data in a packet that you randomly pick out of the air, which is why millions more packets are sent behind the one you are analyzing.
Besides the user's data, the packet also carries other pieces of data that tell the network what to do with it.
When the data packet is flying through the nodes on the internet, it needs certain information to make sure that it reaches its destination in a timely manner.
This is what the extra data that is in the packet is for.
There are bits in the data packet that tell the network whether it is an IPv4 or an IPv6 packet.
There is also a set of bits called the TTL, which stands for Time to Live.
This is actually an interesting piece of data.
From the name you can probably guess that it tells the routers and other devices on the network how many hops the packet can take before it is allowed to die.
If the packet is allowed to die, a signal is sent and another, similar piece of data is sent right behind it.
There are also bits in the packet that tell you how long the header of a web page is going to be.
If you know a little about networking then you have most likely heard of headers before.
This is the item that is sent to and from the server that talks about the web page being sent and what is on it.
There are many more pieces of the packet that we can talk about but I think that you are starting to get the idea.
The packet holds a lot of information and some of this information can be used by you to find out a little bit more about the people who are visiting you.
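As an added example (not part of the original article), the following Python code decodes the fields discussed above, namely the version bits, the header length, the TTL and the sender's address, from the raw bytes of an IPv4 packet, and verifies the header checksum so a corrupted or tampered header is flagged. The function names and the sample packet (built inline with documentation-range addresses) are assumptions made for illustration.

```python
import socket
import struct

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed IPv4 header fields from raw packet bytes."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version field = {version})")
    header_len = ihl * 4  # the header length field counts 32-bit words
    if ihl < 5 or len(packet) < header_len:
        raise ValueError("invalid or truncated header length")
    _, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    return {
        "version": version,
        "header_len": header_len,
        "total_len": total_len,
        "ttl": ttl,            # remaining hops before routers drop the packet
        "protocol": proto,     # 6 = TCP, 17 = UDP, 1 = ICMP
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "checksum_ok": checksum(packet[:header_len]) == 0,
    }

def build_sample() -> bytes:
    """Constructed sample: 192.0.2.10 -> 198.51.100.7, TTL 64, TCP, 4 payload bytes."""
    fields = [0x45, 0, 24, 0x1234, 0, 64, 6, 0,
              socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7")]
    header = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = checksum(header)  # fill in the checksum over the zeroed field
    return struct.pack("!BBHHHBBH4s4s", *fields) + b"data"

if __name__ == "__main__":
    print(parse_ipv4_header(build_sample()))
```

Packet analyzers perform this same decoding for every captured packet and then continue into the next layer that the protocol number points to.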
Tools To Use To Analyse The Packet
There are plenty of both free and paid applications that you can use to sniff the traffic that is on your network.
Most of these tools are very mature, and which one you use mostly comes down to your preference.
You must make sure that you know which environment you are going to use it in.
Will it be an enterprise environment or more of a home setting?
Keep Yourself And Your Network Safe
There is an old saying that you should always know your enemy, and the more information that you can gather about your opponent the better off you will be.
If someone is attacking your network, then you need to make sure that you are ready with a packet analyzer tool.
This way you will be able to find out a lot more about the attacker and respond accordingly.