CIS 606

Eavesdropping on a telephone call, known as wiretapping, is illegal in the United States unless a court order has been issued. Does sniffing fall into this category? What about an organization that uses a sniffer to secretly monitor employee activity? What are your feelings about sniffer use both by insiders of an organization as well as outsiders? If you were to craft a law about packet sniffing, what would it include? Wiretapping is the listening-in on telephone, telegraph or teletype or communications. It is usually done by attaching taps and listening or recording equipment to the communications wires. All the procedure of wiretapping is known as eavesdropping. It has been the subject of a great deal of debate in United State, and there are a number of laws regulating wiretapping. Sniffing is a technique to capture any traffic traveling along the network segment to which it is connected. The main purpose of sniffing is to capture network traffic, hoping to identify valuable information such as user IDs and passwords. It can be used legitimately or illegitimately to capture data being transmitted on a network. In this process, a network router reads every packet of data passed to it, determining whether it is intended for a destination within the router's own network or whether it should be passed further along the Internet. A router with a sniffer, however, may be able to read the data in the packet as well as the source and destination addresses. Employee monitoring versions usually take the form of sophisticated server-based software packages. Packet sniffers work by flaunting established network protocols of behavior.

Normally computers are only supposed to read those packets of data which are addressed to them. Packet sniffers, on the other hand, read all the packets which pass by them on the network, regardless of the address. By reading all, or a random sampling of network packets, it is within a packet sniffer's capability to report such data on employee network use as: which Web sites were visited, what content was viewed at the site, whom email was sent to, the contents of that email, what streaming technologies were used and the content streamed and the content of downloads from internet sites or from file servers on the corporate intranet. So, an organization can use a sniffer to monitor employee activities. Packet sniffing has legitimate uses to monitor network performance or troubleshoot problems with network communications. However, it is also widely used by hackers and crackers to gather information illegally about networks they intend to break into. In one hand, Packet sniffing is one of the best tools for a network administrator to analyze network traffic and to troubleshoot problems. On the other hand, when a packet sniffer is in the wrong hands i.e. hackers use it this can cause quite a lot of damage to a company or an individual, especially if the victim hasn't taken the required protective measures. With that, the packet sniffers can be a great tool to maintain a network, yet they can be very destructive, if misused. So, its good and acceptable if the use of sniffer will be done within a company or their network to monitor employee activities or network traffic. But if the sniffer is done for bad cause, there has to be some kind of legal action for that. With the above explanation, we can say that the Packet sniffers are used for both legal and illegal activity. A legal packet sniffer is a commercial device used to assist with network management and maintenance and to provide network security. It is also used as a diagnostic tool for network backup systems and to examine the network system for any security breaches. In

other side, an illegal packet sniffer is used by a hacker to gain unauthorized access to sensitive information and data on a network. An illegal packet sniffer is installed without the knowledge of the IT administrator and hides in different areas of the network for the purpose of spying on and stealing the information packets that pass over the network. It will be very difficult to figure it out who is using the packet sniffing for good cause and other for bad cause. There are many good prospects of packet sniffing in the internet world. So, if I were to craft a law about packet sniffing, I wouldnt come out with any law against the packet sniffing but obviously; I would try to pass some laws that will help to stop the packet sniffing that are doing for bad causes; such as still password, username, hacking etc.

References: Bradly, T. (n.d.). Introduction to packet sniffing. Retrieved on January 17, 2011 from website: http://netsecurity.about.com/cs/hackertools/a/aa121403.htm Ciampa, M. (n.d.). Security+ Guide to Network Security Fundamentals, 3rd Ed Tanase, M. (2002). Sniffers: What They Are and How to Protect Yourself. Retrieved on January, 17, 2011 from website: http://www.symantec.com/connect/articles/sniffers-what-they-areand-how-protect-yourself