- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Packet Sniffing In a Switched Environment
- Abstract
- This paper focuses on the threat of packet sniffing in a switched environment, and briefly explores the effect in a non-switched environment. Detail is given on techniques such as "ARP (Address Resolution Protocol) spoofing", which can allow an attacker to eavesdrop on network traffic in a switched environment. Third party tools exist which permit sniffing on a switched network. The result of running some of these tools on an isolated, switched network is presented; it clearly demonstrates that the threat they pose is real and significant. The final section covers ways to mitigate the threat of network sniffing in both non-switched and switched environments. It is proposed that encryption is the only true defence to the threat of sniffing.