What is a sniffer?
First, the word “sniffer” is a trademark by Network Associates referring to the “Sniffer(r) Network Analyzer”. However, the word has become like “kleenex” or “PC” and has become a generic term. A search for “sniffer” in AltaVista will result in a huge number of matches unrelated to the Network Associates product. A sniffer is a wire-tap devices that plugs into computer networks and eavesdrops on the network traffic. Like a telephone wiretap allows the FBI to listen in on other people’s conversations, a “sniffing” program lets someone listen in on computer conversations. However, computer conversations consist of apparently random binary data. Therefore, network wiretap programs also come with a feature known as “protocol analysis”, which allow them to “decode” the computer traffic and make sense of it. Sniffing also has one advantage over telephone wiretaps: many networks use “shared media”. This means that you don’t need to break into a wiring closet to install your wiretap, you can d
Internet thieves use special software to put a “sniffer” in either the email router of the lawyer or the email router of the client. All email routers are identified by their IP addresses. The sniffer can examine the unencrypted header information of every packet of mail transiting the email router for mail going to the client or the firm. Sniffers search all unencrypted data packets for keywords, such as “litigation,” “damages,” or “court.” Flagging all packets matching the sniffer search criteria, the little rascal can send copies of the email to an anonymous email account, where the mail could be reviewed covertly, or could copy them to a covert location on the email router itself, for later retrieval.
