Definition

snoop server

A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis. Used to identify security risks and/or to monitor employees' activities (such as Web sites visited), a snoop program puts network interfaces into promiscuous mode. Promiscuous mode allows the system to access all the data in each network packet - instead of only routing-related information - including those packets intended for other computers. Packet data is typically captured to a file for later analysis and reporting. Any computer on a network can use a snoop program, although - at least for administrative purposes - they are most often installed on servers. Snooping is also a popular means of illicitly collecting network data; sometimes an administrative snoop server finds a previously undetected node operating for this purpose. The Sun Solaris operating system furnishes an administrative snoop command that captures packets and displays either a single line packet summary or a very detailed description.

This was last updated in June 2007

Continue Reading About snoop server

Dig Deeper on Monitoring Network Traffic and Network Forensics

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close