How it works
Let’s say your computer is in network #1 and it was connected to a hub. All computers in your network receive same signal. It means your computer sockets receive all signals in the network.
But operating system is extract only massagers address to you (your computer).
Depth
Your computer is connecting to #1 network; they you can see all packets sending and receiving to 192,168.1.1 …5.
Your computer is connecting to #2 network; they you can see all packets sending and receiving to 192,168.1.6 and 7 + packet sending and receiving to #1 and other..
Lets say you send a message from 192.168.1.1 to 192.168.1.5; (a feature of switching hub) that message will route directly to it and not visible to network #2.
How packet behaves
What type of packet can be identified?
Ethernet
IPv4
IPv6
ARP/RARP
TCP
UDP
ICMPv4
What kind of applications can we develop
Network and protocol analyzers
Monitor network usage
Traffic loggers
User-level bridges and routers
Network intrusion detection systems (NIDS)
Network scanners
Security tools
Gather and report network statistics
Filter suspect content from network traffic
Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use)
Reverse engineer proprietary protocols used over the network
Debug client/server communications
Debug network protocol implementations
Is network is secure
Most of the stuff going through internet is going as plan text. It means other people can see. Mostly login and authentication related stuff is encrypted and rests of the things are going as plan text or with simple encoding. Especially chat massagers are moving as plan text.
Why can’t make it secure
Security makes more cost, traffic and more processing power. So it becomes slower and inefficient.
Next: how to read packet using java
Keep in touch
