Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Chapter 4
True/False
Indicate whether the statement is true or false.
1. The three types of sniffer are bundled, commercial, and free.
2. Sniffers look only at the traffic passing through the network interface adapter on the machine where the application is
resident.
3. Information traveling across a network is typically in human-readable format.
4. When you transmit information in a data packet to a computer on a network, the request is sent to every computer on
that network that uses the same Ethernet cable or wireless LAN.
Multiple Choice
Identify the choice that best completes the statement or answers the question.
1. ____ comes bundled with Windows. Network Monitor, a component of Microsoft Systems Management Server
(SMS), enables you to detect and troubleshoot problems on LANs,WANs, and serial links running the
Microsoft Remote Access Server (RAS).
a.
Tcpdump
c.
Ethereal
b.
Network Monitor
d.
Wireshark
2. ____ is bundled with the Solaris operating systems. It captures packets from the network and displays their contents.
a.
Tcpdump
c.
netfmt
b.
nettl
d.
Snoop
3. The ____ captures the network traffic from the Ethernet connection.
a.
capture driver
c.
decoder
b.
buffer
d.
packet analysis
4. Previously known as Ethereal, ____ is probably the best-known and most powerful free network protocol analyzer for
UNIX/Linux and Windows.
a.
Tcpdump
c.
Wireshark
b.
Snort
d.
Nessus
5. ____, the most commonly bundled sniffer with Linux distros, is also widely used as a free network diagnostic and
analytic tool for UNIX and UNIX-like operating systems.
a.
Snort
c.
Ethereal
b.
Wireshark
d.
Tcpdump
Completion
Complete each statement.
1. A(n) ____________________ is an application that monitors, filters, and captures data packets transferred over a
network.
2. When a sniffer captures data from a network, it stores the data in a(n) ____________________—a dynamic area of
RAM that holds specified data.
3. In order to identify a particular computer on a network, computers are assigned a unique identifier called a(n)
______________________________ address.
4. A NIC can be set up to retrieve any data packet being transferred throughout the Ethernet network segment. This
mode is known as _________________________.
5. ______________________________ is based on the principle that distance can be measured by computing the time
required for reflected energy to be measured at the source.
Short Answer
1. What are the main characteristics of commercial sniffers?
2. What are the major differences between commercial sniffers and free sniffers?
3. What are the network interfaces supported by TCP/IP?
4. What are the components of a sniffer?
5. Where are sniffers normally placed?
