Network sniffers are tools that allow hackers to monitor and intercept data packets sent over the network and remove the text passwords contained within.
Such an attack requires the use of malware or physical access to the network switch, but it can be very effective. It does not rely on exploiting a system vulnerability or network error, and as such is applicable to most internal networks.
It is also common to use network sniffers in the first phase of an attack, followed by brute force attacks.
Of course, enterprises can use these same tools to scan their own networks, which can be especially useful for diagnosing or troubleshooting problems.
Using a network analyzer, administrators can determine what information is sent in plain text and enforce policies to prevent this from happening.
The only way to prevent this attack is to protect traffic by routing it through a VPN or something similar.