3.1. Sniffing and Port Scanning
The first step in any successful attack is sniffing, used to see what type of traffic is being passed on a network, and look for things like passwords, credit card numbers, and so forth. Sniffing is the term generally used for traffic monitoring within a network, while port scanning is used to find out information about a remote network.
Both sniffing and port scanning have the same objective—to find system vulnerabilities—but they take different approaches. Sniffing is used by an attacker already on the network who wants to gather more information about the network. Port scanning is used by someone who is interested in finding vulnerabilities on a system that is unknown.
There are many tools available for network ...
Get The Practice of Network Security: Deployment Strategies for Production Environments now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.