January 16, 2012

1.1.9 Protocol Analyzer

A "protocol analyzer" is a tool (hardware or software) used to capture and analyze signals and data traffic over a communication channel. Protocol analyzers (also known as packet sniffers) monitor the data that is transmitted across a network. Sniffers highlight why sensitive information should not be sent using insecure methods.

Protocol analyzers can be stand-alone applications or used with other network monitoring and intrusion detection applications to monitor and capture network data right down to the packet and frame level.

This tool can be used in conjunction with intrusion detection and prevention systems to analyze large blocks of network data and protocols. This scanning can detect specific behaviors of known exploits or network attacks.

This information can be communicated to the IDS, which will block those network packets from reaching the client.
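The following added example, which is not part of the original post, shows what analysis "down to the packet and frame level" looks like: it decodes one constructed Ethernet frame through IPv4 and TCP to the payload and flags login commands sent over cleartext protocols. The port list, function names and sample frame are assumptions made for the illustration.

```python
import struct

# Ports whose login commands travel unencrypted (assumed audit list: FTP, POP3).
CLEARTEXT_AUTH = {21: (b"USER ", b"PASS "), 110: (b"USER ", b"PASS ")}

def build_sample_frame(payload=b"PASS example-secret\r\n", dport=21):
    """Constructed test input: Ethernet II + IPv4 + TCP (checksums left 0)."""
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return eth + ip + tcp + payload

def dissect(frame):
    """Decode frame -> packet -> segment; None if not IPv4/TCP or truncated."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None                      # frame level: need EtherType IPv4
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4 or ip[9] != 6:
        return None                      # packet level: IPv4 carrying TCP
    ihl = (ip[0] & 0x0F) * 4             # IP header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    tcp = ip[ihl:total_len]              # drops any Ethernet padding
    if ihl < 20 or len(tcp) < 20:
        return None
    data_off = (tcp[12] >> 4) * 4        # TCP header length in bytes
    if data_off < 20 or data_off > len(tcp):
        return None
    return {"src_ip": ".".join(map(str, ip[12:16])),
            "dst_ip": ".".join(map(str, ip[16:20])),
            "dport": struct.unpack("!H", tcp[2:4])[0],
            "payload": tcp[data_off:]}

def audit(frame):
    """Report cleartext login commands without echoing the secret itself."""
    pkt = dissect(frame)
    if pkt is None:
        return None
    for marker in CLEARTEXT_AUTH.get(pkt["dport"], ()):
        if pkt["payload"].upper().startswith(marker):
            return (f"{pkt['src_ip']} -> {pkt['dst_ip']}:{pkt['dport']} "
                    f"sent {marker.decode().strip()} in cleartext")
    return None

if __name__ == "__main__":
    print(audit(build_sample_frame()))
```

The finding names the endpoints and the command seen, which is enough to locate the service that should be moved to an encrypted transport.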



1 comment:

  1. Thanks for giving such great information about Protocol Analyzer. Protocol Analyzers are an indispensable tool for wireless sensor networks as well as PLC wireline networks development, integration, installation, monitoring, and troubleshooting.
