LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 11-06-2003, 01:57 PM   #1
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Rep: Reputation: 0
Correct way to sniff switched network


Hi All,
I am fairly new to Linux....I am running RH 7.3 on a PIII at 800Mhz networked with two other Windows machines via a Linsys cable WAP router. My question is this: I would like to monitor the traffic of my teenage son's machine (this would be a 3rd Windows machine if I decide to allow him internet access in his room). I can obviously monitor his email with an IMAP connection. I was thinking of installing an additional NIC in my Linux box. This would be plugged into a hub placed between my cable modem and router. First I am not sure if this is wise or even the correct way. I know 'sniffing' switched networks can be tricky. This can't be a unique situation. Any help or advice would be greatly appreciated.
 
Old 11-06-2003, 02:37 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 65
I would recoomend not sniffing but logging - just set up your router/proxy to log connections.
 
Old 11-06-2003, 03:32 PM   #3
dorian33
Member
 
Registered: Jan 2003
Location: Poland, Warsaw
Distribution: LFS, Gentoo
Posts: 587

Rep: Reputation: 32
Do you know the word "privacy"?
I am glad I am not your son...
 
Old 11-06-2003, 03:39 PM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 65
Quote:
Originally posted by dorian33
Do you know the word "privacy"?
I am glad I am not your son...
I have to say that I agree but lets not turn this into a discussion on peoples personal opinions, msymms asked for help with a problem.

Please try and keep the thread on track. Thanks!

Last edited by david_ross; 11-06-2003 at 03:41 PM.
 
Old 11-06-2003, 06:42 PM   #5
msymms
LQ Newbie
 
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11

Original Poster
Rep: Reputation: 0
Thanks for your help David. I am logging the router traffic and that should suffice for now.

dorian33-I understand the "privacy" sentiment. Believe me I do. There are obviously other issues involved here that have no place in this forum.

Thanks again
 
Old 11-07-2003, 10:23 AM   #6
zaphodiv
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 30
It would be polite to tell your son that his access is monitored.
 
Old 11-07-2003, 10:32 AM   #7
phoeniXflame
Member
 
Registered: Feb 2003
Location: Somewhere, UK
Distribution: Slack, OpenBSD, Debian, SuSE
Posts: 189

Rep: Reputation: 30
its not 'tricky' at all if you control the network, use something like dug songs arpspoof program combined with fragrouter to forward packets to fool your sons machine into thinking its speaking to the gateway, I'd have to agree with the others about you needing to tell your son hes being monitored, its not fair otherwise, plus you need to give him a chance to evade your sneaky sniffing tactics
 
Old 11-07-2003, 11:33 AM   #8
bitva
Member
 
Registered: Dec 2002
Location: Los Angeles
Distribution: Debian
Posts: 72

Rep: Reputation: 15
You want ettercap: http://ettercap.sourceforge.net/

'tis the best.
 
Old 11-07-2003, 12:33 PM   #9
cyph3r7
Member
 
Registered: Apr 2003
Location: Silicon Valley East, Northern Virginia
Distribution: FreeBSD,Debian, RH, ok well most of em...
Posts: 238

Rep: Reputation: 30
hmmmm I can appreciate your situation as I have 2 children both with PC's in their rooms. I think there needs to be a balance. What I have done is filter there surfing content with squid. Blocking access to "porn" and such. Not allowed any file sharing such as kazaa or napster. Other than that they have free reign to do what they wish.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Network cards were switched Worstje Slackware 3 11-17-2004 09:20 AM
ntop in a switched network cccc Linux - Networking 0 11-07-2004 10:54 AM
which linux sniffer can I use on the switched network ? cccc Linux - Networking 2 07-24-2004 07:30 PM
How do I sniff in a switched environment with Dsniff? bin_shell Linux - Security 2 03-20-2004 12:40 PM
On reboot, Mandrake 8 switched to runlevel 3, and I can't get back to a correct 5 mlard Linux - Newbie 2 05-12-2001 04:47 AM


All times are GMT -5. The time now is 10:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration