It is also easy to perform as the hub sends broadcast messages to all the computers on the network.Īctive sniffing is intercepting packages transmitted over a network that uses a switch. It is called passive sniffing because it is difficult to detect. Passive sniffing is intercepting packages transmitted over a network that uses a hub. The diagram below illustrates how the switch works. Switches operate at the data link layer (layer 2) and network layer (layer 3). This means broadcast messages are only seen by the recipient computer. Broadcast messages are sent to the physical ports that match the IP/MAC address configurations for the recipient computer. The diagram below illustrates how the hub works.Ī switch works differently it maps IP/MAC addresses to physical ports on it. It operates at the physical layer (layer 1) of the OSI Model. This means when using a hub, all the computers on a network can see the broadcast message. The recipient computer responds to the broadcast message if the IP address matches. The above protocols are vulnerable if login details are sent in plain text Passive and Active Sniffingīefore we look at passive and active sniffing, let’s look at two major devices used to network computers hubs and switches.Ī hub works by sending broadcast messages to all output ports on it except the one that has sent the broadcast.
The following are protocols that are vulnerable to sniffing Sniffing can be used to Ĭapture sensitive data such as login credentialsĬapture files have been transmitted over a network Network sniffing is the process of intercepting data packets sent over a network.This can be done by the specialized software program or hardware equipment. Once a message has been sent on a network, the recipient computer with the matching IP address responds with its MAC address.
0 kommentar(er)
