A packet sniffer connected to any network intercepts all data flowing over that network.
On an [local area network LAN, computers typically communicate directly with other computers or devices on the network. Anything connected to that network is exposed to all of that traffic. Computers are programmed to ignore all network traffic not intended for it.
Network sniffing software opens up to all traffic by opening up the computer’s network interface card NIC to listen to that traffic. The software reads that data and performs analysis or data extraction on it.
Once it receives network data, the software performs the following actions on it:
- The contents, or individual packets sections of network data), are recorded.
- Some software only records the header section of data packets to save space.
- Captured network data is decoded and formatted so that the user can view the information.
- Packet sniffers analyze errors in network communication, troubleshoot network connections, and reconstruct entire datastreams intended for other computers.
- Some network sniffing software retrieves sensitive information like passwords, PIN numbers, and private information.