capture network activity.

closed account (zwA4jE8b)
I'm posting here in the lounge because this is not exactly c++ related. But this is the only forum I belong to and I trust you guys.

I have read that to capture network activity (from modem to router) a hub needs to be between the two, and that hub needs to be connected to a computer.

How exactly does that get set up? Just plug the modem, the router, and the monitoring comp into the hub and run Wireshark?

Does this work because a hub sends the data it receives to every port?

P.S. I want to monitor my home network, not someone else's.
Yes, this works because the data on a hub gets sent everywhere.

I'm a Sys Admin at work and I can use Wireshark from my desktop without rewiring a thing most of the time because I'm plugged into a common switch with the systems I am recording. The tutorial for Wireshark explains all you really need to know about setup and filtering. If you are keeping a log, beware that they get really big, really fast.

Just curious but are we contributing to some kind of parental censorship? I have a kid myself, they're two but I can at least understand the eventual need. I would just like to know in case I can offer more advice.

Also, what platform is this running on? Is the target platform the same?
closed account (zwA4jE8b)
I do have kids but they are only 3yr and the other 21mo. I was letting my neighbor connect to our wireless (for school work) but then I noticed her friend's phone was also connecting (I am using dd-wrt). I have since changed my encryption key but it got me thinking about monitoring my network.

I read that a good filter to use (in Wireshark) for that type of monitoring is the http filter. I imagine so it just filters out common internet traffic.
closed account (zwA4jE8b)
I am running Windows 7. I do not have another computer to use as a monitor yet.

Can I just install another ethernet card into mine and plug that into the hub and set Wireshark to capture on said device?
The filters in Wireshark are all good. The user you are monitoring might also be trying to connect via https which could still be captured but would be at first unreadable.

Your router also might be able to log data. If you need more data than your router provides for some reason then Wireshark is a great idea. I just wanted to make sure you have every option we can give you.

I'd say set up a subnet if you can, again this would depend on the type of router you have, but this is also great for guests and the like so they don't soak up your bandwidth with their downloads and crap. You would also need a spare point of entry to stay connected to that network so if you don't have an extra wireless card or spare PC then that might be another limiting factor in this idea.
closed account (zwA4jE8b)
I have no idea what a subnet is. I know so very little about networking.

I am using a Linksys wireless g 4 port router with dd-wrt flashed.

Is it possible to just install another ethernet card in my computer and connect that to the hub and run Wireshark capturing on that device? Or do I have to have a separate computer?
Wireshark DOES allow you to specify the device you are capturing from so yes, you can do that.
closed account (zwA4jE8b)
Cool, that will be a lot easier for me than acquiring and running a separate computer.

Thanks, I appreciate the advice.
closed account (zwA4jE8b)
http://www.buy.com/prod/gigafast-ez800-s-mini-8-port-switch-8-x-10-100base-tx-lan/q/loc/101/10343389.html

I have one of these, but I am guessing it will not work because it is a switch and not a hub, correct?
I need a layer 1 device, a hub?
Topic archived. No new replies allowed.
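The hub-versus-switch question from the thread, as an added example that is not part of any poster's message: a small simulation of which frames reach a passive monitor port on a hub and on a learning switch. The port numbers, MAC addresses and frame sequence are constructed, and the modem side is modelled as a single MAC address for simplicity.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    """Layer 1 repeater: every frame is repeated out of every other port."""
    def __init__(self, ports):
        self.ports = ports

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]

class Switch:
    """Layer 2 learning switch: floods only broadcast and unknown destinations."""
    def __init__(self, ports):
        self.ports = ports
        self.mac_table = {}  # MAC address -> port it was last seen on

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port  # learn where the sender is attached
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]

def frames_seen(device, frames, monitor_port):
    """Return the indexes of the frames that are copied to monitor_port."""
    return [i for i, (in_port, src, dst) in enumerate(frames)
            if monitor_port in device.forward(in_port, src, dst)]

# Constructed sample: port 1 = modem, port 2 = router, port 3 = monitoring PC.
MODEM, ROUTER = "02:00:00:00:00:01", "02:00:00:00:00:02"
FRAMES = [
    (2, ROUTER, BROADCAST),  # 0: broadcast from the router (e.g. ARP request)
    (1, MODEM, ROUTER),      # 1: unicast reply
    (2, ROUTER, MODEM),      # 2: outbound traffic
    (1, MODEM, ROUTER),      # 3: inbound traffic
    (2, ROUTER, MODEM),      # 4: outbound traffic
]

def compare(monitor_port=3):
    ports = [1, 2, 3]
    return {"hub": frames_seen(Hub(ports), FRAMES, monitor_port),
            "switch": frames_seen(Switch(ports), FRAMES, monitor_port)}

if __name__ == "__main__":
    print(compare())
```

On the switch the monitor port receives only the broadcast frame, because every later frame goes to a learned port; a passive capture there needs a hub or a switch with a port-mirroring feature.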