Network Security: Packet Sniffing

Packet sniffers can provide so much insight to network traffic.

•     They can monitor data in motion -- serve as primary data source for day-to-day network monitoring and management.
•     Monitor network usage, including internal and external users and systems.
•     Gather and report network statistics.
•     Verify adds, moves, and changes.
•     Verify internal control system effectiveness in firewalls, access control lists, web filters, spam filters, and proxies.
•     Document regulatory compliance through logging all perimeter and end point traffic.
•     Monitor WAN Bandwidth utilization.
•     Monitor WAN and endpoint security status.
•     Analyze network problems.
•     Debug client server communications.
•     Debug network protocol implementations.
•     Gain information for carrying out a network intrusion.
•     Spy on other network users by eavesdropping on unencrypted data.
•     Collect sensitive information, such as login details or user cookies, depending upon encryption being used.
•     And, capture packets for subsequent playback in replay, man-in-the-middle, and packet injection attacks.
•     Reverse engineer proprietary protocols used over the network.
•     Detect network intrusion attempts.
•     Detect network misuse by internal and external users.
•     Filter suspect content from network traffic.