Results 1 to 4 of 4

Thread: Network Monitoring

  1. July 7th, 2002, 07:25 AM #1
    HYBR|D
    Guest

    Question Network Monitoring

    Hello all, Well I I have a lan at home running win2000 as the host, 2 win98 boxes and a linux box set as a firewall, connecting these are a netgear router. I want to watch what people are doing on my network eg. stealth mode in watching what email they are sending and recieving, web sites messages (irc) etc. I dont want to actually go on the computer and check history etc or logs is there a way I can listen on ports watch traffic etc. - packet sniffer? Im not sure thats why I am here! hehe well all help and comments are appreciated.

    Thanks in advance
    Regards HYBRID
    Reply With Quote Reply With Quote
  2. July 7th, 2002, 08:22 AM #2
    MrT
    MrT is offline
    Member
    Join Date
    May 2002
    Posts
    42
    I suggest that you use your Linux box to scan the othe computers.
    The best sniffer I would use would be dsniff, you can get it at: www.monkey.org/~dugsong/dsniff/
    \"keep your friends close, your enemys closer, and your administrator closest.\"
    Reply With Quote Reply With Quote
  3. July 7th, 2002, 01:19 PM #3
    str34m3r
    Guest
    Tcpdump (for linux) allows full packet capture, but you're going to need a lot of hard drive space if you want to do that. Snort (for windows and linux) also allows full packet capture, but again, it's going to take up huge quantities of space. If you just want to be able to see all of the websites and e-mail from those computers, but not have to record huge amounts of traffic, then mailsnarf and urlsnarf (part of the dsniff package that MrT recommended) will work well for you. There's a lot of packet sniffers out there, and you'l just have to test some of them out to find what works best for you. Check out www.packetstormsecurity.com for a list of the more popular sniffers.

    Before monitoring traffic on any network, it's important to note a few things. Number one, you had better own all of the systems on the network or it's probably illegal. Number two, even if you own all of the systems, it could still be illegal to monitor the traffic unless every single person that uses the systems knows that they are being monitored and agrees to be monitored. Those are the two primary criterion for monitoring traffic here in the states, but I don't know what Australia's laws are regarding computer privacy, so you'll have to find out for yourself. Legal issues aside, it's still a good idea to respect others privacy unless you have some extrodinary reason to monitor them. How would you like it if someone else was constantly checking out what websites you visited?
    Reply With Quote Reply With Quote
  4. July 7th, 2002, 07:44 PM #4
    ammo
    ammo is offline
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Hum, is the linux firewall in front of the netgear router or behind like the other hosts?
    Can you draw us a little ascii map of your network?

    Ammo
    Credit travels up, blame travels down -- The Boss
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules