Sniffing is the process of monitoring and capturing all the packets passing through a given network using sniffing tools. It is a form of “tapping phone wires” and get to know about the conversation. It is also called wiretapping applied to the computer networks.
There is so much possibility that if a set of enterprise switch ports is open, then one of their employees can sniff the whole traffic of the network. Anyone in the same physical location can plug into the network using Ethernet cable or connect wirelessly to that network and sniff the total traffic.
In other words, Sniffing allows you to see all sorts of traffic, both protected and unprotected. In the right conditions and with the right protocols in place, an attacking party may be able to gather information that can be used for further attacks or to cause other issues for the network or system owner.
Types of Sniffing
Sniffing can be either Active or Passive in nature.
Passive Sniffing
In passive sniffing, the traffic is locked but it is not altered in any way. Passive sniffing allows listening only. It works with Hub devices. On a hub device, the traffic is sent to all the ports. In a network that uses hubs to connect systems, all hosts on the network can see the traffic. Therefore, an attacker can easily capture traffic going through.
The good news is that hubs are almost obsolete nowadays. Most modern networks use switches. Hence, passive sniffing is no more effective.
Active Sniffing
In active sniffing, the traffic is not only locked and monitored, but it may also be altered in some way as determined by the attack. Active sniffing is used to sniff a switch-based network. It involves injecting address resolution packets (ARP) into a target network to flood on the switch content addressable memory (CAM) table. CAM keeps track of which host is connected to which port.
Cyber–Vandalism
The term vandalism describes the deliberate act of damaging or destroying another person or company’s property without their permission. For example, with a computer, hardware vandalism is the act of intentionally breaking or destroying computer hardware. For example, a student could purposely damage a laptop given to them by the school.
Vandalism or cyber-vandalism could include any of the following.
- Intentionally damaging or destroying a digital object.
- Post fake reviews.
- Hacking into and defacing a website.
- Giving bad information on a forum or wiki.
- Posting fake news on a social network.
- Cheating or creating bots to cheat in online gaming.
- Post a virus or other malware for others to download unknowingly.