Abstract
Today's networking environment has become very complex. Networks have been growing in size rapidly and have come to support more complex applications. As a result, troubleshooting and maintaining networks has become cumbersome and has created the need for new specialized tools such as Network Protocol Analyzers, better known as "Network Sniffers".

Network Sniffers have become critical tools in today's networking management and troubleshooting processes. They enable network managers to evaluate and examine the data running through their network by troubleshooting network performance problems and identifying certain network faults. Network Sniffers can help identify network attacks and detect security threats; they can be used in intrusion detection systems.

Besides their usage in the technical environment, network sniffers can be used for educational and research purposes. They can be used to help understand packets' architecture and traffic patterns generated by common network applications. Network Sniffers can also be used to evaluate protocol performance and assist in protocol development. Despite their usefulness, network sniffers can be harmful when used by hackers. With network sniffers, hackers can capture data and steal information from targeted networks.

This study consists of two major efforts. The first major effort entails researching and determining a set of criteria to use in evaluating and comparing network sniffers. The second major effort involves using the criteria to evaluate and compare three free network sniffers, thus building a taxonomy. The three free network sniffers used in this study were Ethereal, EtherSnoop and Packetyzer. Each of these three sniffers was evaluated and tested. Then their features and capabilities were compared.
Index Terms
- A Taxonomy of free Network Sniffers for teaching and research