Packet Sniffing Basics

“Packet sniffing, or packet analysis, is the process of
capturing any data passed over the local network and looking for
any information that may be useful. Most of the time, we system
administrators use packet sniffing to troubleshoot network problems
(like finding out why traffic is so slow in one part of the
network) or to detect intrusions or compromised workstations (like
a workstation that is connected to a remote machine on port 6667
continuously when you don’t use IRC clients), and that is what this
type of analysis originally was designed for. But, that didn’t stop
people from finding more creative ways to use these tools.

The focus quickly moved away from its original intent—so
much so that packet sniffers are considered security tools instead
of network tools now.