A computer program that analyzes data on a communication network to gather intelligence, such as detecting passwords of interest that are transmitted over the Internet. Sniffers are used by crackers on compromised systems to spy on network traffic and steal access information for even more systems.
System administrators can detect whether a sniffer is running on their systems by frequently checking on the network interface settings. If a sniffer is running, the network interface card is set to a “promiscuous” mode, allowing it to read all traffic on the Internet. This setting is not the normal setting and therefore is quite easily detectable.