“A sniffer is any device, software or hardware, which grabs
information traveling on a network. The purpose of a sniffer is to
place the network interface (Ethernet adapter) into promiscuous
mode, and by doing so, to capture all network traffic. Promiscuous
mode refers to the mode where all workstations on a network listen
to all traffic, not simply their own.”
“Sniffers represent a high level of risk because: they can
capture passwords; they can capture confidential or proprietary
information; and they can be used to breach security of neighboring
networks, or gain leveraged access.”
“As we have seen, sniffer attacks are difficult to detect
and thwart because sniffers are passive programs. They don’t
generate an evidence trail (logs), and when used properly, they
don’t use a lot of disk and memory resources.“