Keeping Your Data Safe. Packet Sniffing Explained

September 22, 2008

With the amount of personal information that people put online and transmit through the Internet, security of how this data is sent is always a cause for concern.

Data sent through a network from one computer to another is not sent as one big block of data but in smaller pieces of data called packets.

Most network security efforts are directed at making a network secure from outside intrusions.

However, one form of a potential internal security breach is rogue packet sniffing.

Peeking into data
A packet sniffer is a device attached to a network or a program installed in one of the computers linked to a network that can detect or “sniff out” packets that are being sent to a particular computer.

Typically, this also involves translation of the various raw data packets into information that can be interpreted by people. A simple form of a packet sniffer is one that is able to monitor information going to a particular computer.

More complicated packet sniffers are able to detect and compile all the packets that go to all the computers linked to a particular network.

What is means for the good guys
Packet sniffers are actually useful tools for network and system administrators. They are able to tell whether all the computers that are required to be linked to a network are sending and receiving data as they should.

With packet sniffers, they are able to identify if there are any speed bottlenecks with data transmission, detect if there is any illegal use of the network, intercept any possible intrusion into the network, and monitor other security-related and connectivity-related issues.

What it means for the  bad guys
However, packet sniffers can also be used to illegally look into the contents of packets being sent from one computer.

Packets being sent from your computer contain your usernames and passwords to accounts, the contents of your email, and other data that you might be sending to another computer within the network or outside your network.

Note that a packet sniffer can only do this if the packet sniffer is actually installed within your network.

Terminals outside your network cannot sniff data packets within your network.

It’s possible, but very difficult.

Security concerns
So how safe IS your data? It depends on how secure your network is. Physically, as long as no unauthorized computers or devices can be installed or connected to your network, then your data is secure.

Physical security also involves that only authorized users can use the computers on the network.

Users on your network should be aware that there are programs that they can inadvertently install, like a worm or Trojan, which can act as both a packet sniffer and a remote transmitter of data to an outside source.

Finally, the use of switches, which route data to the specific computers they’re meant for, instead of hubs which allow data to go to all computers regardless of which computer it is supposed to go to, can reinforce network security.