I want to know what method is good to see the complete traffic on my lan, I want to see what computer generate more traffic and attack the problem in these computer.
I download ethereal, but this tools only retreive the traffic on my lan pc card, and I want to know all the lan.
Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
VIA PCI 10/100Mb Fast Ethernet Adapter (Microsoft's Packet Scheduler) : \Device\NPF_{86D89DC5-F63A-42FD-9D7B-E2B0CCCAE385}
This is directly to the switch.
the promiscuos mode is enabled
Switches prevent you from seeing all traffic. You'd have to mirror the port and/or use a hub instead.
Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
Place your sniffer at a network choke point via a spanning port on a switch/router. You'll see more traffic than you'll know what to do with.
--Th13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
Some switches have a monitor port, it's also temporarily possible to ARP spoof the other computers to pass their traffic through the monitoring station. However, a word of warning, most networking hardware is much faster at routing than a normal desktop, so by doing this, it'll slow down the network. I'd only do it on a small network, that I own, and make sure that all the users know I'm trying to find odd traffic.
Reply With Quote
Originally Posted by AarzaK
