PASSWORD SNIFFING

Password Sniffing

Password sniffing is a technique for harvesting passwords that involves monitoring traffic on a network to pull out information. Software to do this automatically is available from several companies and people also can do it manually or write their own software for a specific purpose. While not always malicious in intent, it can be a security threat and there are steps that can be taken to protect a network from sniffing.

If a hacker can't guess your password, there are other ways he/she can try to get it. One way which has become very popular is called ``password sniffing''.It turns out that most networks use what's known as ``broadcast'' technology. What that means is that every message that a computer on the network transmits can be read by any other computer on that network. In practice, all the computers except the recipient of the message will notice that the message is not meant for them, and ignore it.

However, many computers can be programmed to look at every message on the network. If one does this, one can look at message which are not intended for you.Hackers have programs which do this, and then scan all the messages which traverse a network looking for passwords. If you login to a computer across a network, and some computer on the network you use has been compromised this way, you may end up giving your password to the attacker.Using this technique, hackers who've broken into computers which are on heavily used networks have collected thousands of passwords.This is a serious threat to users who login to our computers from remote sites. If you login on the console of a computer, your password never crosses a network where it can be sniffed. But if you login from some other school, or from an internet service provider, you are dependent on the security of their network.