We have looked at many ways to discover information and intercept data by observing the communications between two systems or by watching the side effects of such communications. The story does not end here, however. Sometimes, by averting our eyes from the target we hope to probe, we can see even more.

An entire set of methods commonly referred to as “black-hole monitoring” is dedicated to observing and analyzing unwanted or unsolicited traffic that arrives accidentally, erroneously, or in mangled form at a specific destination. These methods most often include simply running a packet dump utility and then painstakingly analyzing and theorizing about ...