Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
11-06-2003, 12:57 PM
|
#1
|
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Rep: 
|
Correct way to sniff switched network
Hi All,
I am fairly new to Linux....I am running RH 7.3 on a PIII at 800Mhz networked with two other Windows machines via a Linsys cable WAP router. My question is this: I would like to monitor the traffic of my teenage son's machine (this would be a 3rd Windows machine if I decide to allow him internet access in his room). I can obviously monitor his email with an IMAP connection. I was thinking of installing an additional NIC in my Linux box. This would be plugged into a hub placed between my cable modem and router. First I am not sure if this is wise or even the correct way. I know 'sniffing' switched networks can be tricky. This can't be a unique situation. Any help or advice would be greatly appreciated.
|
|
|
|
|
11-06-2003, 01:37 PM
|
#2
|
|
Moderator
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047
Rep: 
|
I would recoomend not sniffing but logging - just set up your router/proxy to log connections.
|
|
|
|
|
11-06-2003, 02:32 PM
|
#3
|
|
Member
Registered: Jan 2003
Location: Poland, Warsaw
Distribution: LFS, Gentoo
Posts: 576
Rep:
|
Do you know the word "privacy"?
I am glad I am not your son...
|
|
|
|
|
11-06-2003, 02:39 PM
|
#4
|
|
Moderator
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047
Rep:
|
Quote:
Originally posted by dorian33
Do you know the word "privacy"?
I am glad I am not your son...
|
I have to say that I agree but lets not turn this into a discussion on peoples personal opinions, msymms asked for help with a problem.
Please try and keep the thread on track. Thanks!
Last edited by david_ross; 11-06-2003 at 02:41 PM.
|
|
|
|
|
11-06-2003, 05:42 PM
|
#5
|
|
LQ Newbie
Registered: Oct 2003
Location: Houston
Distribution: Red Hat 7.3
Posts: 11
Original Poster
Rep:
|
Thanks for your help David. I am logging the router traffic and that should suffice for now.
dorian33-I understand the "privacy" sentiment. Believe me I do. There are obviously other issues involved here that have no place in this forum.
Thanks again
|
|
|
|
|
11-07-2003, 09:23 AM
|
#6
|
|
Member
Registered: Oct 2003
Distribution: Slackware
Posts: 388
Rep:
|
It would be polite to tell your son that his access is monitored.
|
|
|
|
|
11-07-2003, 09:32 AM
|
#7
|
|
Member
Registered: Feb 2003
Location: Somewhere, UK
Distribution: Slack, OpenBSD, Debian, SuSE
Posts: 189
Rep:
|
its not 'tricky' at all if you control the network, use something like dug songs arpspoof program combined with fragrouter to forward packets to fool your sons machine into thinking its speaking to the gateway, I'd have to agree with the others about you needing to tell your son hes being monitored, its not fair otherwise, plus you need to give him a chance to evade your sneaky sniffing tactics  |
|
|
|
|
11-07-2003, 10:33 AM
|
#8
|
|
Member
Registered: Dec 2002
Location: Los Angeles
Distribution: Debian
Posts: 72
Rep:
|
You want ettercap: http://ettercap.sourceforge.net/
'tis the best. |
|
|
|
|
11-07-2003, 11:33 AM
|
#9
|
|
Member
Registered: Apr 2003
Location: Silicon Valley East, Northern Virginia
Distribution: FreeBSD,Debian, RH, ok well most of em...
Posts: 238
Rep:
|
hmmmm I can appreciate your situation as I have 2 children both with PC's in their rooms. I think there needs to be a balance. What I have done is filter there surfing content with squid. Blocking access to "porn" and such. Not allowed any file sharing such as kazaa or napster. Other than that they have free reign to do what they wish.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 09:19 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
