Can someone tell me about what a sniffer is?

Question

I am talking about the computer term. What is it? How does it work? How does one stop it? What sort of information does it give someone?

Thanks,
Justin

In response to Ms Dell:

Thank you for making that easier for me to understand.

Ok, so it's a program hackers use to find files on an individual's computer. What sort of files or information do they find though? Like worst case scenario. Also how would one stop someone from sniffing out this information?

Thanks again,
Justin

In response to Sultan:

Thanks for the information, really. However it was way too confusing for me to understand. I will try to take a look at it though as best as I can.

Justin

In response to p37ry:

Thanks for the info, really. Also a bit too hard for me to understand. However I will try and look at parts of it as best as I can.

Justin

Thank you Ms Dell for the updated information.

In response to fa2a38:

Thanks for the information as well.

I am still confused though what a hacker can do with this information they sniff out.

Justin

Ms Dell, I actually have a virus protection / internet security ...which wasn't free. It cost money for the subscription. Also McAfee ...once tried it ...and it went against the internet security we have.

Justin

Ms Dell and fa2a38,

Thanks again for the info. Correct me if I'm wrong but are you two now fighting with each other's comments? That's now confusing me even more ...and I was already confused with all the different bits of information.

Meaning this nicely and thanks again,
Justin

Here's what I knew before asking the question:

Someone I was chatting with (I'm in Canada and he's in USA) said he knows my IP#, my location, where I surf/serf (pardon my spelling) on the internet. Later ...I found out about his sniffer. No details after this. Just that he swears he won't damage my PC.

Here's what I think I understand from the answers you've all given:

A sniffer is a program which is either bought or comes from a website and is downloaded. It's used by hackers to get information from peoples computers, their files. Hackers can also put viruses on others computers. Apparently they can also get credit card numbers ... That it's good to have McAfee but not with Norton (which is what I am using and will continue to use until the subscription runs out ...as I don't like wasting money). However it seems that using these virus protection things doesn't seem to help as a hacker can create something a computer will think is normal.

I'm still confused here as to what to do.

I also don't fully understand all the information that a sniffer can gather. I was hoping for like a list of everything. Also like what they can do with this information.

What's the proper way to even stop this. The way it sounds is that there is no way.

Thank you Ms. Dell for explaining thsi further. Thank you also for putting up with my comments ...which were not intended in a rude way (I never intend to be rude as I try to be the best person I can be).

As for the fighting ...I know you weren't now ...it just looked like it from the words below yours. I just didnt want to see any fighting ..as my question wasn't meant to cause a fight.

And about the Norton ...I will use Norton until it runs out. I was thinking afterwards of switching to another one (McAfee for example) as I've heard once before (besides you mentioning it) that it is a better one to use. Just that I'd rather wait until the subscription is used up.

Thanks again and have a good day,
Justin

Thank you Ms. Dell for explaining this further. Thank you also for putting up with my comments ...which were not intended in a rude way (I never intend to be rude as I try to be the best person I can be).

As for the fighting ...I know you weren't now ...it just looked like it from the words below yours. I just didnt want to see any fighting ..as my question wasn't meant to cause a fight.

And about the Norton ...I will use Norton until it runs out. I was thinking afterwards of switching to another one (McAfee for example) as I've heard once before (besides you mentioning it) that it is a better one to use. Just that I'd rather wait until the subscription is used up.

Thanks again and have a good day,
Justin

Ugh, ignore one of the two last added details. It wasn't meant to send like that.

As for the fighting fa2a38 ...maybe you were or maybe you weren't ...in which case I was mistaken and I'm sorry.

Justin

Answer 1

What's up with the whole paragraph you received from the people above me? You simply asked a question about sniffer, and you got to read these whole bunches from paragragh?

Let me give you a quick response, something that won't hurt your eyes and head.

A dog usually sniffs things to find it... It is the same with computer. A hacker use a special program to sniff your computer files on your computer. Sniffer is a NOUN word, so yeah, he is sniffing through your personal information files on your computer. It is as simple as that


UPDATE:

Hackers infect your computer with programs called " Trojan" and other threats. In fair words, they're called " computer virsues."

To stop hackers from getting into your computer to sniff your files, dowsnload McAfee 2007. You have to pay because I am recommending something good for you. If you are like the rest who believe in free craps, then I don't know what to say. Common sense tells you that nothing free is good.

Visit this link to go to the website where you can purchase your computer defense http://us.mcafee.com/

A firewall blocks hacker from targetting your computer. You will also get one from the link I provided.

What hackers look for on your computer? Good question, and let me answer this for you.

When you purchase something off the Internet with your credit card, the hacker can use a program to read your key typing, which will reveal your credit card number to the hacker... The Hacker can then use your credit card to purchase stuffs off the Internet and leave you with the bills.

Hackers infect your computer with dangerous programs to do many damages. Some use the program to steal credit cards, and some use the program to watch and take control over your computer to do harmful things with it.

I highly recommend that you purchase McAfee immediately and start using it. The free firewall and viruses protections are not as powerful as those you pay for.

Once again, visit http://us.mcafee.com/ to purchase yours today.

second Update:

Please note that you cannot use two different sets of Internet security on your computer; they will conflict ( Fight) and damage your OS ( operating system) That's why McAfee went against your Internet securities.

It is not wise to use Norton Firewall and McAfee virus protection. If you choose Norton, go strictly Norton, not the mix of the two.

However, I highly recommend that you use McAfee Virus scan, Internet security, firewall plus, spam killer and spyware protections; all from McAfee.

Norton and McAfee make different code, so they usually conflict with each other. Once again, if you choose McAfee, go strictly McAfee, not the mix of the two.

You have a blessed day.

3rd update:

Please be informed that I am not agruing with anyone. I have blocked the person below me for revealing his/her ignorance.

I already told you that hackers will use your credit card information to purchase stuffs online and leave you with the bill. However, the hacker will buy clothes for him/herself and leave you with the bill. You are charged for something you never purchased from the first place. That's just an example.

A Hacker can trace your IP to locate where you live. If a hacker is angry with you and decides to commit murder, he can trace your IP to find out where you live.

In order for MOST hackers to do this, he/she has to sniff your importance on your computer, such as your sensitive files that contain your home address, phone number, etc, but only if you have those information stored on your computer.

The Trojan horse, for an exaple, can also reveal enough information in order for the hacker to have a conversation with your ISP ( Internet service provider) If the hacker has enough information to have your ISP pulled up your record, then you can get screwed right there.... A hacker cannot use your IP to damage your computer.

Certain hackers, though, the real brillant hackers, can take this action to the next extreme level, causing more depressions

I never said you should get rid of Norton. I said use one suit instead of the mix of both. If you choose to use Norton, use strictly Norton.

Contact your ISP and let them change your IP address.

Once again, I cannot read or see anything the person below is saying or typing. I have blocked his/her ignorance. There is no reason to argue with individuals online. I have better things to do.

You have a great day.

Answer 2

Wow, both these idiots got it wrong.

In terms of how "Hackers use it, like you asked"

But its used to analyze network data and trouble shoot network problems.

Sniffers can only sniff "NETWORK TRAFFIC" on a "Local" network meaning your home network. There are some cases where "Remote" Traffic can be sniffed but you need 2 routers with DMZ enabled and its is way beyond the scope of your question "What is a sniffer"

Sniffers again "DON'T TELL PEOPLE ABOUT THE FILES ON YOUR COMPUTER" they tell crackers (a.k.a hackers) what type of data is being sent over the network. If the data has strong encryption within the network it can't pick up on what the data actually says or is, if its not encrypted the data can be viewed pretty much in plain text. (such as AIM conversations or yahoo chat conversations.)

Popular network sniffers are

Wireshark and Ethereal

Site for Ethereal
http://www.ethereal.com/

Site for Wireshark
http://www.wireshark.org/

another good one is Snort and AirSnort
http://snort.org/

Update : AntiVirus and Software Firewalls are a joke. AV is only as good as its definition list, and guess what if I write a server program or trojan program that gives me remote access to your computer, 1 AV won't pick up on it because its not a known definition. 2 They never will because the server/trojan will be melted into the file system so there wouldn't be a real file name attached to the service. From there your ONLY HOPE is your SOFTWARE FIREWALL, but all I have to do is make my server look like a common service or bind it to an actual common used service once its in so now the firewall can't block it if it looks normal OR its attached to a normal file.

Answer 3

Fo sho:

"A program to capture data across a computer network. Used by hackers to capture user id names and passwords. Software tool that audits and identifies network traffic packets. Is also used legitimately by network operations and maintenance personnel to troubleshoot network problems."

From http://www.antionline.com/fight-back/I_Just_Got_A_Cable_Modem.php :

"Another concern is network sniffers. When you use a cable modem, you're on the network directly and as such, your traffic can be "sniffed" from the network. Sniffing translates to "listening" on the network for traffic and "watching" what exactly comes across. User names and passwords that are sent across the network in plaintext are easily captured. There is not an easy way to avoid being "sniffed" except to avoid using services that send usernames and passwords in the clear. Buying merchandise from the web on a non-secure web server could be a BIG mistake since your data is sent in plaintext. Try to stick to secured web servers when buying merchandise. "

So use secure sights, get a free firewall (try zonealarm here: http://www.zonealarm.com/store/content/home.jsp ) and be safe.

Hope this helps!

Answer 4

People seem to be pretty confused on what "open", "closed", "blocked" and "stealthed" mean when it comes to networking security.

An "open" port means that there is an application actively listening for connections on that port. It does not imply that the port is or is not filtered by a firewall.

A "closed" port means that there is NO application listening for a connection on that port. It does not imply that the port is or is not filtered by a firewall.

A "blocked" port means that the port in question is filtered by a firewall. It does not imply that there is or is not an application listening on that port.

A "stealthed" port merely means that the port did not respond with anything - ie it violated TCP/IP protocol. There's also a common misconception that "stealthed" ports are always a good thing - this is not true. Another misconception is that a "stealthed" port makes you safer - this also is not always true.


So ... if you did a port scan on yourself and it claimed that port 80 is "open" it means that you have an application running on your computer listening for a connection. Your firewall is not your primary concern here - finding out what application is listening to that port is PARAMOUNT. Blocking the port with your firewall can serve as a stop gap, but you need to solve the problem - not patch the symptom.

At the command prompt type netstat -ao. Look under "local address" for port 80. Then find the associated PID number for that listing. Now press ctrl-shift-esc and select the "process" column. Goto the menu bar and select "view" and "select columns". Check off the "PID" box. Now find the associated PID number you found with the netstat command and find the name of the application listening.

http://www.iana.org/assignments/port-numbers

http://www.intel.com/technology/usb/ehcispec.htm

Install Comodo Firewall = http://www.personalfirewall.comodo.com = "Comodo Firewall, rated by PC Magazine Online as an Editor's Choice, constantly monitors and defends your PC from internet attacks. It's easy to install and use and passes the industry's most stringent firewall "leak" tests. Unlike some other 'free' firewalls, this is not a stripped down version but is the full, completely functional product. This free solution comes complete with continual updates that are free forever." Note - Not compatible with Windows 98 systems."

Whenever my cable goes out and I have to switch to dialup backup, I turn off the router, and turn on AnalogX PortBlocker = http://www.analogx.com/contents/download/network/pblock.htm
How Routers Work = http://computer.howstuffworks.com/router.htm
How does a computer's uninterruptible power supply (UPS) work = http://computer.howstuffworks.com/question28.htm

( Never have 2 or more software firewalls running on the same computer as they will conflict with each other. Remember now with SP2 on WinXP there is a firewall, so if you get a third party alternative be sure to disable the Windows SP2 firewall! Only use/enable one software firewall. To turn Win XP firewall on/off = start/control panel/double-click on network connections/right click on the icon for the connection you are using/properties/advanced/ check or uncheck box next to "internet connection firewall" )

An important thing to keep in mind of course, regardless of which anti-virus, anti-malware, anti-spyware and firewall you use is to keep it UPDATED, just as it is important to make sure you have all windows critical and security updates + http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us

The way I have mine set is to only notify me that updates are availiable, but to not download them automaticaly. Then I can check to be sure I get just the ones I want. I then click on "custom", and after the updates have been downloaded I look them over to see which ones I want, then disconnect from the net, disable firewall and anti-virus program, and then install the updates, and then re-enable the firewall and anti-virus programs before reconnecting to the net. = http://support.microsoft.com/kb/306525


http://www.dailyrotation.com

Calendar Of Updates= http://www.dozleng.com/updates/index.php?act=calendar