One of the network’s features is that data are transmitted up and down through network pipes, from one piece of equipment to another. That means when you try to send data to another computer, the data go through many network devices. We can use tracert command to help us understand how the packets travel among the devices.
This causes the problem that someone could see your data. It’s just like you sending out a mail and the postman can take a peek if he wants too.
Another point we have to make clear that data can be transmitted in Plain text format or encrypted code format. If data encrypted, the peeper only sees a pile of meaningless strings. He can choose to rank his brain to crack them down if he really wants to get the original data from it but it’s not easy at all. It’s pretty much like what happened in the Second World War. Everybody could receive telegram commands but it took a great effort to crack the code.
Let’s go back to the cyber world. Most of the data traveling up and down of the network are in the plain format. The hacker can easily get your information without effort unless your data go through his device, including trade secret, your credit information and your mailbox’s password and so on.Method
There are two methods that hackers sniff into your communication.
1. Install a sniffing tool on a network connection device such gateway, switch or router. There might be other hacking techniques required such as installing the sniffing tool to one of above mentioned network devices under an Administrator privileges.
2. Connect a sniffing tool to an unsecure Intranet. This kind of network is almost organized with a HUB. Any station in the network receives data from all other stations in the segment. That’s because a HUB broadcasts a packet to all physical ports on receiving a packet instead of sending it to a single port like a switch. All stations in the segment receive the packet, but they are discarded if the destination address does not match. The user won’t know this because it’s done under the ground. A user can get and open the data he shouldn’t get if he is intended to.Protection
Check whether your data are transmitted under plain text format or decrypted format before your request and transmission. We could use SSH other than telnet to manage a remote machine, and better choose use HTTPS to protect our usernames and passwords.
Keep away from a service requiring username and password (especially at an airport and railway station).
Choose high-level encryption tool to encrypt classified files and encrypt them before transmission.
Monitor the network status and try your best to avoid illegal sniffing tools use.
Pay attention to network devices. Replace a HUB with a switch for a network requiring security.
Pay attention to share folders and services. They’d better be protected with password authentication.