What is Packet Sniffer?
A packet sniffer — is also known as a packet analyzer, protocol analyzer, or network analyzer is a piece of hardware or software used to monitor network traffic.
Sniffers work by examining streams of data packets that flow between computers on a network as well as between networked computers and the larger Internet.
These packets are intended for and addressed to specific machines, but using a packet sniffer in “promiscuous mode” allows IT professionals, end users or malicious intruders to examine any packet, regardless of destination.
It’s possible to configure sniffers in two ways. The first is “unfiltered,” meaning they will capture all packets possible and write them to a local hard drive for later examination. Next is “filtered” mode, meaning analyzers will only capture packets that contain specific data elements.
Packet sniffers can be used on both wired and wireless networks- their efficacy depends on how much they are able to “see” as a result of network security protocols.
On a wired network, sniffers might have access to the packets of every connected machine or may be limited by the placement of network switches.
On a wireless network, most sniffers can only scan one channel at a time, but the use of multiple wireless interfaces can expand this capability.