- A snoop server is a server that uses a packetsniffer program to capture network traffic for analysis. Used to identify security risks and/or to monitor employees' activities (such as Web sites visited), a snoop program puts network interfaces into promiscuous mode. Promiscuous mode allows the system to access all the data in each network packet - instead of only routing-related information - including those packets intended for other computers. Packet data is typically captured to a file for later analysis and reporting. Any computer on a network can use a snoop program, although - at least for administrative purposes - they are most often installed on servers. Snooping is also a popular means of illicitly collecting network data; sometimes an administrative snoop server finds a previously undetected node operating for this purpose. The Sun Solaris operating system furnishes an administrative snoop command that captures packets and displays either a single line packet summary or a very detailed description.
Learn more about Monitoring Network Traffic and Network Forensics
Nessus 3 Tutorial: Network security expert Mike Chapple examines the new features in Nessus 3.2 and explains how the scanner can offer detailed reports on an enterprise's network security risks.
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.