Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Air packet sniffer

  • 08-08-2006 5:03pm
    #1
    Users Awaiting Email Confirmation Posts: 933 ✭✭✭


    I've recently started sharing my connection at home with 3 housem8s on the basis they dont download warez as the line is under my name.

    Anyway, Does any1 know of a good air packet sniffer so I can see if things are being downloaded?


Comments

  • Registered Users, Registered Users 2 Posts: 7,541 ✭✭✭irlrobins


    Airsnare

    Includes ethereal that will allow you to packet sniff and see what sorta traffic is running.


  • Registered Users, Registered Users 2 Posts: 4,864 ✭✭✭MunsterCycling


    Would running the link through a proxy not be a better option then you can log where they go?


  • Registered Users, Registered Users 2 Posts: 19,396 ✭✭✭✭Karoma


    What sort of connection? Presumably, your AP or router would have some logging facility. If not, is there a possibility of leaving your machine on 24x7, or getting an old computer - as a proxy would be a better idea than using a sniffer, TBH. Perhaps, get them to agree to install a net. usage monitor client (Or keylogger)?


  • Registered Users, Registered Users 2 Posts: 6,374 ✭✭✭Gone West


    ethereal is the best tbh.

    or else ettercap.
    and run *nix because the windows versions arent great.


  • Registered Users, Registered Users 2 Posts: 4,864 ✭✭✭MunsterCycling


    EtherReal (WireShark) is the biz alright, ran it as a test on the domain earlier today... Whoa what wonders you can see...

    Has been replaced by WireShark Net Analyzer in Fedora in the past few weeks, same interface and functions though.


  • Advertisement
  • Closed Accounts Posts: 6,151 ✭✭✭Thomas_S_Hunterson


    Driftnet also might be worth a look, for your entertainment more than anything. It basically catches all picture files crossing the network and displays them in a window in your window manager.


  • Users Awaiting Email Confirmation Posts: 933 ✭✭✭dardoz


    Its an Eircom Netopia router. I don't really want my housem8s thinking I am monitoring them. I'm just making sure no abuse is taking place.

    I'll give airsnare a go


  • Users Awaiting Email Confirmation Posts: 933 ✭✭✭dardoz


    Ok I just loaded up Ethereal and captured some data. At first I thought...how am I meant to know what all these bits of data are? Then in amongst all the jumble I noticed bittorrent handshakes and website addresses.

    Perfect guys, thanks


  • Registered Users, Registered Users 2 Posts: 4,864 ✭✭✭MunsterCycling


    Ahhhh, how wonderful the works of a wheelbarrow.... ;)

    Proxy would still be the way to go IMO, btw they wouldn't know they were being monitered, would defeat the purpose if they did. The proxy is transparent to the end user and can actually speed up acces to frequently used sites as they are retrieved from cache on the proxy rather than being fetched from the net.

    MC


  • Users Awaiting Email Confirmation Posts: 933 ✭✭✭dardoz


    how would they not know? They are connecting directly to the netopia router wirelessly.


  • Advertisement
  • Closed Accounts Posts: 884 ✭✭✭NutJob


    dardoz wrote:
    Its an Eircom Netopia router. I don't really want my housem8s thinking I am monitoring them. I'm just making sure no abuse is taking place.

    I'll give airsnare a go


    So how do you plan to confront them if your not going to say ur checking up on them.

    My solution to almost everything at the moment a Linksys wrt54gL. Install dd-wrt. Set up squid as a transparent proxy as there not http requests squid will drop p2p :)

    If you want after that add ur mac as a knowen. Create a seperate subnet for yourself and bypass the proxy in the routing tables.


  • Registered Users, Registered Users 2 Posts: 4,864 ✭✭✭MunsterCycling


    NutJob wrote:
    So how do you plan to confront them if your not going to say ur checking up on them.

    My solution to almost everything at the moment a Linksys wrt54gL. Install dd-wrt. Set up squid as a transparent proxy as there not http requests squid will drop p2p :)

    If you want after that add ur mac as a known. Create a seperate subnet for yourself and bypass the proxy in the routing tables.


    There ya go! Best to get rid of the Netopia too as the logging on them is crud, NutJob's solution would be simple, elegant and robust. They should know though that you are monitoring traffic though, will keep em honest.


    MC


  • Users Awaiting Email Confirmation Posts: 933 ✭✭✭dardoz


    NutJob wrote:
    So how do you plan to confront them if your not going to say ur checking up on them.

    My solution to almost everything at the moment a Linksys wrt54gL. Install dd-wrt. Set up squid as a transparent proxy as there not http requests squid will drop p2p :)

    If you want after that add ur mac as a knowen. Create a seperate subnet for yourself and bypass the proxy in the routing tables.

    I have no problem confronting them if I know they are abusing it. I don't want them to know that I know if you know what I mean until I know for sure :p


Advertisement