There are two types of sniffers:
- Hardware Sniffers
Like a hardware keylogger, a hardware sniffer is a physical tool used to intercept packets. The device is installed between the server and the target and works at either layer 2 or layer 3 of the OSI model. In practice, software sniffers are mainly used for sniffing. A hardware sniffer stores the packet information in a log file or in another form, depending on the hardware used.
A hardware sniffer is installed where a wired connection is present between two hosts. Hardware sniffers are useless when it comes to wireless sniffing.
- Software sniffers
Software sniffers are known as packet analyzers and are widely used for sniffing traffic and analysing packets. Packet analysis is an important technique in which all incoming and outgoing packets are analysed, and information is gained from that analysis. On large networks, traffic monitoring is done regularly to avoid threats coming into the network. An attacker can sometimes pack malware or viruses into packets and transfer them, so with packet analysis, exploitation can be avoided.
Wireshark is one of the most powerful packet analyzer tools. It comes pre-installed in Kali Linux and is also available for download from its website. Along with Wireshark, tcpdump and TShark are also used. TShark is the command-line version of Wireshark, used for packet analysis.
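
What a packet analyzer does with each captured frame, as an added example that is not from the original page: it decodes the layer 2 and layer 3 headers and checks the IPv4 header checksum. The frame bytes, the addresses and the function names are constructed for illustration.

```python
import socket
import struct

# Constructed sample frame (not a real capture): Ethernet II + IPv4 + TCP SYN.
SAMPLE_FRAME = bytes.fromhex(
    "aabbccddeeff112233445566" "0800"                 # dst MAC, src MAC, EtherType
    "450000280001000040068e7d" "c000020a" "c6336414"  # IPv4 header
    "c00001bb0000000100000000" "5002ffff00000000"     # TCP header
)

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}


def mac(raw):
    """Format six raw bytes as a colon-separated MAC address."""
    return ":".join(f"{b:02x}" for b in raw)


def ipv4_checksum_ok(header):
    # One's-complement sum of all 16-bit words, checksum included, must be 0xFFFF.
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF


def dissect(frame):
    """Decode layer 2 and layer 3 of one Ethernet frame; reject truncated input."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"l2_src": mac(src), "l2_dst": mac(dst), "ethertype": f"0x{ethertype:04x}"}
    if ethertype != 0x0800:  # only IPv4 is decoded in this example
        return info
    ihl = (frame[14] & 0x0F) * 4 if len(frame) > 14 else 0
    if ihl < 20 or len(frame) < 14 + ihl:
        raise ValueError("truncated or malformed IPv4 header")
    ip = bytes(frame[14:14 + ihl])
    info.update(
        l3_src=socket.inet_ntoa(ip[12:16]),
        l3_dst=socket.inet_ntoa(ip[16:20]),
        protocol=PROTOCOLS.get(ip[9], str(ip[9])),
        ttl=ip[8],
        checksum_ok=ipv4_checksum_ok(ip),
    )
    return info


if __name__ == "__main__":
    print(dissect(SAMPLE_FRAME))
```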