For decades computer network administrators have used this type of technology for network monitoring and to conduct diagnostic tests and repair problems. In short, packet sniffing is the method used to see all kinds of information as is passes over the network it is linked to, but how does a packet sniffer work?
A packet sniffer is a piece of software or hardware capable of monitoring all network traffic. It is able to capture all incoming and outgoing traffic for example clear-text passwords, user names and other private or sensitive details.
A packet sniffer can be passive and therefore undetectable or active in which case it can be detected by software designed for the purpose of protecting privacy. A packet sniffer can be run on non-switched and switched networks.
In the scheme of things, a computer usually only examines a packet of data that corresponds to the computer's address but with a packet sniffer you are able to set the network interface to 'promiscuous mode'. In this case it examines ALL available information passing through it. The main domain server is a watchdog for all transmitted data.
As the data passes through the system it is copied and stored in memory or on a hard drive. The copies are then able to be studied and the information analyzed.
