Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
Another use of packet sniffing may be to conduct surveillance on users to ensure they are adhering to corporate policy. Naturally, this requires their consent. To achieve this, you would need to connect to a spanning port on the relevant switch in order to see all traffic for that network segment.
Finally, it's extremely useful to use a packet sniffer to monitor a computer's activity if you believe it may have been compromised, for example with a Trojan program or virus. You could connect a PC running a packet sniffer to a hub, to which you also connect the suspect machine. You can then observe all traffic in and (more importantly, out) of the suspect device and quickly determine if something is causing it to send data out to an attacker.
This was first published in March 2009