The development of information technology, especially the internet, now provides sophisticated facilities. But behind all of this lies one problem: internet security. No internet user wants important data sent over the internet to become known to an unauthorized person, so securing data as it travels over the network is important.
Sniffing is most likely to occur while data is being sent from client to server and vice versa. So whenever you send or receive data over an internet connection, you need to stay vigilant about whether a sniffer is trying to steal the data during the transfer. Checking whether you are a victim of a sniffer is difficult: it cannot be detected from the beginning, it can only be prevented. So, do you already know what sniffing is?
What Is Sniffing?
Sniffing is a wiretapping crime carried out over an internet network, with the primary purpose of illegally retrieving sensitive data and information. Sniffing takes place when you are connected to a public network and transfer data from client to server and vice versa. Because data flows back and forth between client and server, the sniffer illegally captures the packets being sent, using helper tools.
Sniffing works on the data segment at the transport layer by inserting a malicious program on the victim’s computer; the program then carries out the sniffing so that sensitive data on the victim’s computer can be read by the sniffer.
Sniffing is classified into two types:
- Passive Sniffing
Passive sniffing is wiretapping that does not change the contents of the data packets sent between server and client. The victim therefore has no reason to be suspicious, because there are no signs of being sniffed. Passive sniffing usually occurs on a hub, because a hub’s main task is to distribute signals to all client computers, in contrast to a switch, which has a feature to avoid collisions by reading the MAC address of the client computer. Tools often used for passive sniffing include Wireshark, Tcpdump, Kismet, Ettercap, Dsniff and others.
- Active Sniffing
In contrast to passive sniffing, active sniffing is wiretapping that changes the contents of data packets in the network. The most common active sniffing actions are ARP poisoning and man-in-the-middle (MITM) attacks. Active sniffing is usually done on a network switch, no longer on a hub.
Sniffing is not limited to the OSI transport layer; it can also be done at the application layer and the physical layer. Sniffing at the physical layer is usually done by illegally tapping into the communication channel.
How Packet Sniffing Works
Sniffing goes through several stages before the captured data packets can be read. The stages are as follows:
The first stage is to change the interface and start collecting all data packets passing through the network being monitored.
After collection comes conversion: the data collected in binary form is changed into a form that is easier to understand.
The third stage is analysis: the converted data is divided into protocol blocks based on the data transmission source.
- Data Collection
In the last stage, after everything else is done, the hackers take the data.
Protocols Used for Sniffing
The following computer network protocols are often targeted by sniffing:
HTTP, or Hypertext Transfer Protocol, sends data packets without encryption, so sniffing can be done easily.
SMTP, or Simple Mail Transfer Protocol, has the main function of transferring email, but it is still not safe from sniffing.
NNTP, or Network News Transfer Protocol, can be used for all types of communication, but its drawback is that every data packet is sent as clear text that is easy to read, so it is very vulnerable.
POP, or Post Office Protocol, receives email from the server. This protocol cannot be guaranteed safe because spoofed email can still be inserted into incoming mail.
FTP, or File Transfer Protocol, sends and receives files but does not have the slightest security feature. All data is sent as text, which is easily taken by a sniffer.
The last one is IMAP, or Internet Message Access Protocol, whose function is similar to SMTP in that it relates to email transfer.
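As an added illustration (not code from the original article), the Python example below carries out the conversion and analysis stages described above on one constructed Ethernet frame and reports whether it belongs to one of the cleartext protocols just listed, which is the check a defender runs over their own captures to find traffic that still needs encryption. The port mapping, function names and sample frame are assumptions made for this example.

```python
import struct

# Cleartext protocols from the list above, keyed by well-known TCP port.
CLEARTEXT_PORTS = {21: "FTP", 25: "SMTP", 80: "HTTP", 110: "POP", 119: "NNTP", 143: "IMAP"}


def decode_frame(frame: bytes) -> dict:
    """Convert one raw Ethernet frame into protocol blocks and flag cleartext use."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info = {"ethertype": ethertype, "cleartext": None}
    if ethertype != 0x0800:              # not IPv4: out of scope for this audit
        return info
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or malformed IPv4 header")
    ihl = (ip[0] & 0x0F) * 4             # header length in bytes, options included
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or not ihl <= total_len <= len(ip):
        raise ValueError("inconsistent IPv4 lengths")
    info["src"] = ".".join(map(str, ip[12:16]))
    info["dst"] = ".".join(map(str, ip[16:20]))
    if ip[9] != 6:                       # IP protocol 6 = TCP
        return info
    tcp = ip[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_off = (tcp[12] >> 4) * 4        # TCP header length in bytes
    if not 20 <= data_off <= len(tcp):
        raise ValueError("bad TCP data offset")
    payload = tcp[data_off:]
    info.update(sport=sport, dport=dport, payload_len=len(payload),
                cleartext=CLEARTEXT_PORTS.get(dport) or CLEARTEXT_PORTS.get(sport),
                # True when every payload byte is printable ASCII, tab, CR or LF
                readable=bool(payload) and all(32 <= b < 127 or b in (9, 10, 13) for b in payload))
    return info


def build_sample(dport: int, payload: bytes) -> bytes:
    """Constructed frame with documentation addresses; checksums left at zero."""
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    tcp = struct.pack("!HHIIBBHHH", 49152, dport, 0, 0, 5 << 4, 0x18, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return eth + ip + tcp + payload


if __name__ == "__main__":
    print(decode_frame(build_sample(21, b"USER alice\r\n")))
```

A frame flagged with a `cleartext` protocol and `readable` set to true is traffic whose contents anyone on the path can read, so it marks a service to move behind encryption.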
That concludes the discussion of what sniffing is, with the full explanation. To avoid sniffing, you can secure a website by using Secure Socket Layers (SSL) services. SSL encrypts traffic sent from server to client and vice versa, with 256-bit encryption strength that protects it from sniffing. What are you waiting for, with Cheap SSL at only 150,000 / year? You can get a Sectigo Positive SSL certificate from Gudangssl.id for more website security protection.