Talk With an Expert

Packet Sniffing In a Switched Environment

Packet Sniffing In a Switched Environment (PDF, 1.86MB)Published: 04 Aug, 2002
Created by
Tom King

This paper focuses on the threat of packet sniffing in a switched environment, and briefly explores the effect in a non-switched environment. Detail is given on techniques such as 'ARP (Address Resolution Protocol) spoofing' which can allow an attacker to eavesdrop on network traffic in a switched environment. Third party tools exist which permit sniffing on a switched network. The result of running some of these tools on an isolated switched network is presented; it clearly demonstrates that the threat they pose is real and significant. The final section covers ways to mitigate the threat of network sniffing in both non-switched and switched environments. It is proposed that encryption is the only true defence to the threat of sniffing.