How To Protect Your Packet Data
Network packets: Data that is split into chunks (packets) sent between your computer and a router, containing all the data you receive and send out.
Packet capture: The act of downloading packets to read them as plain text.
Packet sniffing: The use of software to download and capture many or all packets being transferred over a network, usually to find sensitive data such as passwords and credit card information on public networks.
There are 3 categories of packet sniffing; this post will focus on type I: White Hat/No Encrypted data. To start off, packet sniffing is not all bad: it can be very useful for detecting a variety of problems on networks, such as someone using your Internet, twin IP address errors and more.
- How is Packet Sniffing Performed?
Packet sniffing is made easy today with software such as Wireshark. For type I packet sniffing you must have access to a network, preferably your own (some legal issues occur on public networks). To start packet sniffing you then need a packet analyzer such as Wireshark. Once Wireshark is up and running, select the device you would like to start sniffing packets on; most likely this will be the one labeled ethernet1. Once the device is selected you can start scanning, and a list of packets will start popping up showing all the activity on the network. Once someone has got this far, they’re basically done for type I: all they have to do is right-click on the packet, then click read. Any data transmitted in plaintext is open to their eyes, so be careful on public networks.
Besides the obvious black hat implications of packet sniffing, there are a lot of scenarios where it can be very useful, such as analyzing network problems, detecting network intrusion attempts, gathering and reporting network statistics, monitoring data in motion and filtering suspect content from network traffic. Mr. Meyer (IT guy at my school) most likely sniffs packets at our school to monitor traffic; this is probably automated by software that searches for certain keywords in the packets and then notifies Mr. Meyer when these keywords appear.
Type I packet sniffing is not what you have to worry about when it comes to invasion of information, because type I deals with unencrypted, plaintext information. The majority of Internet activity with sensitive data is encrypted when you’re on a website (that’s what the ‘s’ after http means). If you use a mainstream e-mail service like Gmail or Yahoo, the e-mails are encrypted when sent through the network, so they’re safe from type I packet sniffing.
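As an added illustration (not from the original post), the Python sketch below audits TCP payloads captured on your own network for the difference described above: TLS-framed traffic versus readable plaintext, flagging plaintext that carries password or card fields. The sample payloads, host name and field-name pattern are constructed assumptions.

```python
import re

# Constructed sample TCP payloads (not real captures).
SAMPLES = {
    "http_login": b"POST /login HTTP/1.1\r\nHost: example.test\r\n"
                  b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
                  b"user=alice&password=hunter2",
    "http_basic": b"GET /mail HTTP/1.1\r\nHost: example.test\r\n"
                  b"Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n\r\n",
    # TLS record header (handshake, TLS 1.0 version field, 46-byte body).
    "tls_hello": bytes.fromhex("160301002e01") + bytes(45),
    "http_page": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
}

# Assumed field names worth flagging; extend for your own applications.
SENSITIVE = re.compile(
    rb"(pass(word|wd)?|pwd|card(_?number)?|cvv)=|authorization:\s*basic", re.I)

def is_tls_record(payload):
    """True if the payload starts with a plausible TLS record header."""
    if len(payload) < 5:
        return False
    ctype, major, minor = payload[0], payload[1], payload[2]
    length = int.from_bytes(payload[3:5], "big")
    return (20 <= ctype <= 23 and major == 3 and minor <= 4
            and 0 < length <= 16384 + 2048)

def classify(payload):
    """Label a payload: tls, exposed-sensitive, plaintext or opaque."""
    if is_tls_record(payload):
        return "tls"  # application data inside this framing is encrypted
    printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in payload)
    if payload and printable / len(payload) > 0.9:
        return "exposed-sensitive" if SENSITIVE.search(payload) else "plaintext"
    return "opaque"  # binary, but not recognisably TLS

def audit(samples):
    """Map each sample name to its classification."""
    return {name: classify(p) for name, p in samples.items()}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLES).items():
        print(f"{name:12} {verdict}")
```

Anything reported as exposed-sensitive is what a type I sniffer on the same network could read directly; moving that service to HTTPS turns it into the tls case.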
Type I packet sniffing can be useful for analyzing network problems, and that’s the only thing I see it used for, or at least its main use. Many times people will see type I packet sniffing and think they’re hacking or doing something illegal, but not really; there are some times where you could use type I for malicious use, but these events are very rare. I have never actually performed type I packet sniffing in a scenario that was actually useful. There are often other ways to diagnose network issues that are more automated and easy to do, so type I packet sniffing is not commonly used; therefore the other categories of packet sniffing are what everybody else hears about.