Wireless sniffers are customized packet analyzers specifically designed to capture data over wireless networks. Packet analyzers are software programs, occasionally hardware tools, which will detect, intercept and decode data over a wireless connection. Wireless sniffers are used for many legitimate actions, including detecting, investigating and diagnosing network problems; filtering network traffic; monitoring network security, usage and activity; detecting and identifying network bottlenecks and configuration issues; detecting network vulnerabilities, malware and attempted security breaches and much more. However, they can also be used by malicious attackers to harvest confidential data and sensitive company information. How are wireless sniffer attacks performed? Wireless sniffers can be used to monitor network traffic, steal sensitive data such as passwords and credit card information and also can be used to acquire information about the network. Malicious attackers typically use wireless sniffers in areas with unsecured wireless networks such as coffee shops, restaurants, libraries and other public places. Wireless sniffers can also be used in spoofing attacks. In these cases, malicious attackers use the information acquired from the wireless sniffer to disguise their attack as an authorized communication from a legitimate source within the network. Wireless sniffing can be broken down into two different types of modes: promiscuous and monitor.
- Promiscuous: The wireless sniffer can access and read all data traveling to and from a wireless access point. This enables the sniffer to transmit data which can result in easier detection of the sniffer. This is the most common type of sniffing attack.
- Monitor: This type of wireless sniffer monitors incoming data but does not actually send out anything, making it very hard to detect and locate.