Friday, January 5, 2018

Network Security: IP Packets and Packet Sniffing

IP packets, which exist at layer three of the OSI model, are encapsulated inside layer two frames.
  • On wired LANs, they are Ethernet frames.
  • On wireless LANs, they are 802.11 frames.
In the context of capturing and analyzing network traffic, even though the lowest unit to analyze is the frame, it's still called packet sniffing. Every single bit, all the ones and zeros that go in and out of a NIC (network interface card), can be seen and analyzed. There's an option to see them in true binary, or in hexadecimal, but as humans we prefer a format that is more intuitive.

A packet sniffer, implemented in software or hardware, not only intercepts and logs all the ones and zeros moving in and out of a NIC, but also shows them to us in a human-readable format, in addition to binary and hexadecimal. All of the fields of every single frame, packet, segment, datagram, and upper-layer data unit are shown with their names, along with their corresponding data values.

For example, in the IP packet: source IP address x.x.x.x (192.168.1.113), destination IP address x.x.x.x (192.168.1.107). We will see the fields as they're listed in the RFC or other specifications.
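
To make the "named fields with their values" view concrete, here is an added example (not code from the original post) that decodes a raw Ethernet II frame and its IPv4 header the way a sniffer's dissector does. The sample frame is constructed: the MAC addresses and ICMP payload are made up, the field labels are illustrative, and only the two IP addresses come from the post.

```python
import socket
import struct

# Constructed sample: Ethernet II frame carrying an IPv4/ICMP echo request.
# MAC addresses and payload are made up; the IP addresses are the post's.
SAMPLE_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"   # dst MAC, src MAC, EtherType (IPv4)
    "4500001c" "00014000" "4001b6b3"       # ver/IHL, TOS, length; id, flags; TTL, proto, checksum
    "c0a80171" "c0a8016b"                  # 192.168.1.113 -> 192.168.1.107
    "0800f7ff00000000"                     # ICMP echo request
)

def header_checksum_ok(header: bytes) -> bool:
    """RFC 791 check: the one's-complement sum of all header words is 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def parse_frame(frame: bytes) -> dict:
    """Decode layer 2, then layer 3, into named fields (labels are illustrative)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    fields = {"eth.dst": dst_mac.hex(":"), "eth.src": src_mac.hex(":"),
              "eth.type": f"0x{ethertype:04x}"}
    if ethertype != 0x0800:          # payload is not IPv4; stop at layer 2
        return fields
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4       # header length in bytes, options included
    if ver_ihl >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("malformed IPv4 header")
    fields.update({
        "ip.version": ver_ihl >> 4, "ip.hdr_len": ihl, "ip.total_len": total_len,
        "ip.ttl": ttl, "ip.proto": proto,
        "ip.src": socket.inet_ntoa(src), "ip.dst": socket.inet_ntoa(dst),
        "ip.checksum_ok": header_checksum_ok(ip[:ihl]),
    })
    return fields

if __name__ == "__main__":
    for name, value in parse_frame(SAMPLE_FRAME).items():
        print(f"{name:16} {value}")
```

The length and version checks matter in practice: a dissector that trusts the header-length field on a truncated or malformed capture will read past the data it actually has.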
