is for questions about capturing packets of various protocols that are transmitted over a network.
A lot of computer network protocols transmit their contents in packets. Packet capture is the interception of these packets as they are moved over a network of some type.
A packet sniffer captures raw data traveling over a network segment and saves it to a file for analysis.
Software
A software sniffer can generally only capture network data either originating from or going to the computer running it, plus any "broadcast" messages, if the computer is connected to the network via a switch. If the computer is connected to the network via a router, it may be able to capture network data for any device on connected to the same router.
Hardware
A hardware packet sniffer is physically connected to the network by connecting it to a router or switch. Sometimes the router or switch has to be configured to allow the sniffer to capture traffic being routed through it; this is called port mirroring.
Analysis
The captured data can be analyzed by the software that captured it, or by a program specifically designed to analyze the network data.
See Also
- Wikipedia Article on Packet Analyzers
- The term packet sniffer is also common and can be considered a synonym.
