If you have been in the networking industry even for a bit, then you have probably heard of the difference(s) between a hub and a switch. We will then consider a way to make packets meant for one segment of a network to “appear” on another part of the network, aiding in effective capturing of packets. However, Packet Capturing can be challenging on a switched network and we will discuss why in this article.
Security measures as outlined above can help protect the network against sniffing.One of the most useful techniques available to network engineers is Packet Capturing, but in order to do this, We'll need to dig into How to do it using a popular Technique called Port Mirroring.īy looking into the packets as they are sent across a network, a couple of interesting things become possible including deep troubleshooting of network issues, security monitoring and investigation, and also the ability to learn about various technologies. This makes the switch to operate like a HUB MAC flooding works by flooding the MAC table address list with fake MAC addresses. Active sniffing is done on a network that uses a switch. Passive sniffing is done on a network that uses a hub. 
Network sniffing is intercepting packages as they are transmitted over the network. Changing the network to a Secure Shell (SSH) network also reduces the chances of the network been sniffed. 
Encrypting messages as they are transmitted over the network greatly reduces their value as they are difficult to decrypt. Restriction to network physical media highly reduces the chances of a network sniffer been installed. Authentication, Authorization and Accounting servers can be used to filter discovered MAC addresses. It can also be used to maintain a secure MAC address table in addition to the one provided by the switch. This feature can be used to limit the number of MAC addresses on the ports. Some switches have the port security feature. This makes it possible to sniff data packets as they sent on the network. Once the switch has been compromised, it sends the broadcast messages to all computers on a network. This leads to overloading the switch memory and makes it act as a hub. MAC flooding is a network sniffing technique that floods the switch MAC table with fake MAC addresses.
0 kommentar(er)
