Intensive development of information systems has led to an increase in malicious software, which is associated with the emergence of new types of cyber attacks. Expanding impact of cyber attacks aimed at a variety of resources information system initiates creation of special countermeasures that can be effective in the emergence of new types of threats from unknown or ill-defined properties. There are enough effective developments, are used to solve problems of cyber attacks identification, for example, the method of linguistic etalons formation for the detection of intrusion systems, which does not disclose the mechanism of the formation of etalons settings for sniffing attacks. In this work, was developed etalons model of linguistic variables to detect sniffing attacks, which is due to assess the state of the information system and the process of forming the parameters of etalons will allow to formalize the process of obtaining the parameters of etalons for a given linguistic variables in specific environment in solving attacks detection tasks on computer systems.