Packet sniffers, also known as network analyzers or protocol analyzers, are a type of software that can intercept and evaluate a network's traffic. Packets are formatted units of data, and they are how data is transferred across a computer network. Packet sniffer software captures these packets of information and analyzes their contents. Depending on how extensive the features of the packet sniffer program are, such software can capture traffic on the whole network or just parts of it. It does this by putting a computer's network adapter (the piece of hardware in your PC that allows it to connect to the network) in promiscuous mode. In this mode the network adapter passes all packets coming through the network to the computer's central processing unit, not just the ones that are addressed to it, which is what happens in normal mode.
1. Download and install the packet sniffer software.
Go to the developer's website and download the free packet sniffer software. Be sure to choose one that is designed to run on your operating system. Some are meant only for Unix; others can run on both Unix and Windows. Once the download is complete, run the setup program to begin installation. A window will appear that will guide you through every step of the installation process.
2. Run the packet sniffer software.
Depending on the features of the packet sniffer software you installed, you can use this program to perform several kinds of tasks:
2.1 Analyze packets.
There are different types of packets: TCP/IP - Transmission Control Protocol/Internet Protocol, UDP - User Datagram Protocol, and ICMP - Internet Control Message Protocol. These various types of protocols refer to the different ways data communication is carried through the network. The most common is TCP/IP. A TCP/IP packet has a header section and a data section. The header section contains the origin and the destination of the packet. The data section contains the packet's content. By analyzing packets, you can discover who is communicating with whom and what is being sent and received in the network.
2.2 Evaluate network traffic.
By capturing enough packets, you can collect statistics on the number of messages that are passing through the network and on which processes generate the most or the least traffic. This way you can decide whether to expand or limit the network's bandwidth.
2.3 Troubleshoot the network.
Packet sniffer software can detect if a particular computer's network adapter is able to receive messages, or if a particular port is sending excessive messages. Both are symptoms of trouble occurring in the network's operation. This detection feature can help a user identify and isolate the problem.
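The header and data sections described in step 2.1 and the traffic statistics in step 2.2, shown as an added example that is not part of the original article: a Python parser for raw IPv4 packets carrying TCP or UDP that also totals bytes per conversation. The function names and the sample packets (documentation-range addresses, zeroed checksums) are constructed for illustration.

```python
import socket
import struct
from collections import Counter

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IP protocol numbers

def parse_ipv4(packet):
    """Split a raw IPv4 packet into header fields and its data section."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4  # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a valid IPv4 header")
    info = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": PROTOCOLS.get(proto, str(proto)), "length": total_len}
    body = packet[ihl:total_len]
    if proto == 6 and len(body) >= 20:  # TCP: ports, then data offset
        info["sport"], info["dport"] = struct.unpack("!HH", body[:4])
        body = body[max(20, (body[12] >> 4) * 4):]
    elif proto == 17 and len(body) >= 8:  # UDP: fixed 8-byte header
        info["sport"], info["dport"] = struct.unpack("!HH", body[:4])
        body = body[8:]
    info["data"] = body
    return info

def traffic_by_conversation(packets):
    """Sum IP bytes per (source, destination, protocol); skip malformed packets."""
    totals = Counter()
    for raw in packets:
        try:
            info = parse_ipv4(raw)
        except ValueError:
            continue
        totals[(info["src"], info["dst"], info["proto"])] += info["length"]
    return totals

def build(proto, src, dst, payload):
    """Constructed sample packet (checksum left at zero, not validated here)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

TCP_SEG = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 5 << 4, 0x18, 1024, 0, 0) + b"GET / HTTP/1.1\r\n"
UDP_MSG = struct.pack("!HHHH", 53000, 53, 13, 0) + b"query"
SAMPLES = [build(6, "192.0.2.10", "198.51.100.5", TCP_SEG)] * 2 + [
    build(17, "192.0.2.20", "198.51.100.53", UDP_MSG), b"\x45\x00"]  # last is truncated

if __name__ == "__main__":
    for conv, nbytes in traffic_by_conversation(SAMPLES).most_common(): print(conv, nbytes)
```

The unencrypted payload in the `data` field is readable by anyone who can capture the traffic, which is why the same output is useful both for troubleshooting and to an eavesdropper.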
Packet sniffers are two-edged swords. They are one among various network security tools that can help monitor a network and analyze its problems. But because of the way they operate, they can also be used by malicious people to hack into networks.