|
watch all traffic on wlan0 or ethX
hello, i am trying to watch for example http traffic on my wi-fi network of all connected computers.
i'we been using tcpdump an wireshark but those captured only my own traffic. however when i run command Code:
ettercap -i wlan0 -TqM ARP:REMOTE // //Code:
urlsnarf -i wlan0my question is how can i achieve the same result with tcpdump or wireshark ? thanks |
I get the feeling you have a router or switch just before this computer. A switch is different than a hub. A simple hub would send all data to your computer. A switch prevents useless data from being sent.
In some more advanced devices you can mirror or set some settings to allow all traffic to be sent. Some switches have the ability to monitor traffic to some file also. |
to touch on what jefro mentioned its called 'port span' which you can configure on your router or switch to take all traffic the device processes and dump it to a specific port where you connect a client machine and sniff the traffic via tcpdump,wireshark,whatever
if you have a standard soho router this may not be possible unless you use a modded firmware like dd-wrt and even then its questionable if you'll get that function (you normally see this done on commerical networking equipment) but anyway, im sure theres a way to dump the output of urlsnarf to a file and use wireshark to read it in real time for analyzing...never tried it though post back if you figure something out! |
|
| All times are GMT -5. The time now is 01:05 AM. |