1 00:00:00,330 --> 00:00:01,710 Now, what is Bickett sniffing? 2 00:00:03,320 --> 00:00:09,890 Maggot sniffing is the practice of gathering, collecting and logging some or all buckets that passes 3 00:00:09,890 --> 00:00:13,580 through a computer network regardless of how the bucket is addressed. 4 00:00:14,120 --> 00:00:21,280 So in this way, every bucket or a defined subset of Eckert's may be gathered for further analysis. 5 00:00:21,560 --> 00:00:22,430 You has a network. 6 00:00:22,430 --> 00:00:29,000 Administrators can use the collected data for a wide variety of purposes, like monitoring bandwidth 7 00:00:29,000 --> 00:00:29,620 and traffic. 8 00:00:30,080 --> 00:00:37,640 Now it's sometimes called a packet analyzer, and it is composed of two main bots first network adapter 9 00:00:37,640 --> 00:00:42,860 that connects to snipper to existing network, and second, a software that provides a way to log, 10 00:00:43,160 --> 00:00:46,280 see or analyze the data collected by the device. 11 00:00:46,670 --> 00:00:48,830 Now, how does the bucket sniffing work? 12 00:00:49,460 --> 00:00:54,740 And at work is collection of nodes such as a personal computer servers, networking hardware that are 13 00:00:54,740 --> 00:00:55,280 connected. 14 00:00:55,820 --> 00:00:59,720 The network connection allows data to be transferred between these devices. 15 00:00:59,840 --> 00:01:04,160 The connections can be physical with cables or wireless with radio signals. 16 00:01:04,280 --> 00:01:08,330 Networks can also be a combination of both types. 17 00:01:08,360 --> 00:01:14,210 Now, as nodes send data across their network, each transmission is broken down into smaller pieces 18 00:01:14,210 --> 00:01:14,960 called Becket's. 19 00:01:15,180 --> 00:01:22,550 OK, the defined length and chip allows the data to be checked for completeness and usability. 20 00:01:22,790 --> 00:01:26,360 Because a network's infrastructure is common to many nodes. 21 00:01:26,660 --> 00:01:33,380 Becket's, destined for different nodes, would pass through numerous other nodes on the way to their 22 00:01:33,860 --> 00:01:34,570 destination. 23 00:01:34,910 --> 00:01:41,750 So to ensure data is not mixed up, each packet is assigned an address that represent the intended destination 24 00:01:41,750 --> 00:01:42,520 of that packet. 25 00:01:43,040 --> 00:01:49,550 And Becket's address is examined by each network, adapter and connected device to determine what node 26 00:01:49,550 --> 00:01:50,300 the packet is. 27 00:01:50,300 --> 00:01:54,770 This then for and the normal operating conditions. 28 00:01:55,550 --> 00:02:04,220 If I node sees a packet that is not attached to it, the node ignores the packet and its data at sniffing 29 00:02:04,220 --> 00:02:11,240 ignores this standard practice and collects all or some of the packets regardless of how they are addressed. 30 00:02:12,420 --> 00:02:14,130 No types of bickett snippers. 31 00:02:15,490 --> 00:02:21,160 We have hardware packet sniffers are there, but Sniffer is designed to be plugged into a network and 32 00:02:21,160 --> 00:02:27,310 to examine it, a hardware packet sniffer is particularly useful when attempting to see traffic of a 33 00:02:27,310 --> 00:02:34,180 specific network segment by plugging directly into the physical network at the appropriate location. 34 00:02:34,300 --> 00:02:42,010 A hardware packet sniffer can ensure that no packets are lost due to filtering, routing or other deliberate 35 00:02:42,010 --> 00:02:44,110 or inadvertent causes. 36 00:02:45,270 --> 00:02:51,870 Now, we have solved Beckett's neighbors and most Buckett snippers these days are the soft varity why 37 00:02:51,890 --> 00:02:57,500 any network interface attached to a network can receive every bit of network traffic that goes by. 38 00:02:57,660 --> 00:03:01,500 Most are configured not to do so as a software packet sniffer. 39 00:03:01,680 --> 00:03:08,790 Change this configuration so that the network interface is all the network traffic up the stack. 40 00:03:09,120 --> 00:03:16,740 This configuration is known as promiscuous mode for the most network adapters or that monikered mode 41 00:03:16,770 --> 00:03:20,750 once in promiscuous mode or monitored mode, the functionality of a back. 42 00:03:20,760 --> 00:03:27,960 It just never becomes a matter of separating, reassembling and logging all software packets that bypass 43 00:03:28,170 --> 00:03:32,160 the interface regardless of their destination addresses.