Re: Does listening to my network create extra traffic?
From: Dave Korn (no.spam_at_my.mailbox.invalid)
Date: Fri, 24 Oct 2003 14:54:57 +0100
<firstname.lastname@example.org> wrote in message
> "Randell D." <email@example.com> wrote in message
> > well... if I'm listening to my network, am I doing just that?
> > Will these
> > programs create any extra traffic on my network?
> No. Programs that monitor network traffic do not add to the volume.
.... except that a lot of them (tcpdump and ethereal included) will send DNS
requests to convert the IP addresses they see into human-readable names for
their output. Most software of this kind also has options to disable
name-resolution, but at least for the two I mentioned, it's not done by
It's generally not a great deal of traffic, but just suppose for example a
box on your network gets hit by some slammer style-worm that goes sending
packets to random addresses? Then for every packet the worm sent, your
network sniffer would send a DNS lookup request, and your DNS server would
send a reply - effectively tripling the amount of traffic the worm itself
would have caused. Apart from this scenario, I can't imagine any other case
where a sniffer would contribute any significant amount of traffic.
-- moderator of alt.talk.rec.soc.biz.news.comp.humanities.meow.misc.moderated.meow Burn your ID card! http://www.optional-identity.org.uk/ Help support the campaign, copy this into your .sig! Proud Member of the Exclusive "I have been plonked by Davee because he thinks I'm interesting" List Member #<insert number here> Master of Many Meowing Minions Holder of the exhalted PF Chang's Crab Wonton Award for kook spankage above and beyond the call of hilarity. PGP Key-ID: 0x0FB504D1 Fingerprint 04B7 2E8C 0245 680E 6484 C441 CEC7 D2BD