Packets are the fundamental of all data sent on the internet, yet they are frequently used insecurely. Tampering with live packets and the process it takes in order to alter packets traveling along the network are getting easier. Current exploits that hackers use are simply attainable by even novice hackers. There is a range of different packet scanning techniques used for sniffing.
Packet sniffing is generally defined as monitoring packets as they go over a network. Packet sniffers are typically software based, but they can also be hardware items installed directly along the network. Sniffers can go beyond network hosts that are seen in local area networks (LAN) that only manage data that is sent specifically to them.
Most sniffers are difficult to discover as they work quietly and just gather data. Some, however, can be active and are, therefore, more likely to be detected. They can be used legally within a network by system administrators in order to monitor and troubleshoot the traffic on their own network. For example, if a computer is having difficulties communication with another computer, an administrator can check the packet from one machine to the other machine and determine the cause of the issue.
The security risk arises when an adversary uses a sniffing tool to obtain plaintext sensitive material such as passwords.