codesegment Posted July 1, 2014 Posted July 1, 2014 I would like to be able to monitor network traffic on my home lan, specifically I want to be able to see which internet websites people on my lan are accessing. I am looking for software that I can install on my PC and be able to do this. Any suggestions? Quote
digininja Posted July 1, 2014 Posted July 1, 2014 On your PC you won't be able to without messing with network traffic. The easiest way to do it is to drop a box inline somewhere that all the traffic passes through, between router and modem for example. That device will see all the traffic so you can then pull out whatever you want. There are plenty of tools which will log access to things like websites or DNS requests. Quote
Computer_Security Posted July 12, 2014 Posted July 12, 2014 (edited) The only thing that I can think of is using Wireshark and filter every thing out but HTTP or..... I found this http://www.netfort.com/solutions/user-activity I have never tried it before and I don't know how reliable it is but that is just what came up on google so.... You can also use VNC to remote into the computer! - Hope this helped Edited July 12, 2014 by Computer_Security Quote
Hell0w0rld Posted August 18, 2014 Posted August 18, 2014 i have tried this 1 if the flow is not high. get a hub 2. get a switch which support port monitor 3. arp spoof. (not suggest) Quote
NovaSam Posted August 19, 2014 Posted August 19, 2014 There are a lot of solutions out there to help monitor/filter internet traffic on your home network. Some Paid, and many free with paid options. All solutions are not 100% effective, and have their own ups and downs, and ways around them. - If you primary use windows 8.1 devices look into Parental controls (requires you to add at least one child account first) includes both filtering/reporting - OpenDNS - basically with very little modification to your router, devices point all DNS on your network to OpenDNS servers, and even setup a free account to run weekly reports. - Apple iOS devices have built in filtering "Restriction" options to help filter adult content. - Mac OS X has some built in limited Parental Controls. - Some home wireless routers now have parental controls and filtering built in. - K9 Web Protection, use on Windows Mac, iPhone, iPad, Android. - use a solution such as untangle.com in-line or arp spoof, they have a free version you can install on any regular PC hardware, - setup a squid server if you have even more time on your hands. Personally I'm not a big believer in web filtering, but rather user education. There is still a good place for filtering such as phishing, and malware prevention. Quote
Sitwon Posted August 19, 2014 Posted August 19, 2014 Some home routers will keep a log of websites visited for you. Or you could configure your router to specify a different computer as your DNS server and log the DNS queries. Quote
cooper Posted August 19, 2014 Posted August 19, 2014 Both of which are easily defeated and/or detected. Quote
Sitwon Posted August 19, 2014 Posted August 19, 2014 Both of which are easily defeated and/or detected. Sure, both are easily defeated, but that's basically true of everything. There are some very easy ways that someone could make it very difficult for you to determine which websites they are visiting. But the original question didn't seem to assume any intentional obfuscation of traffic. If you want to go after intentionally obfuscated traffic (like Tor or I2P) then you're going to have to work much much harder than I'm prepared to describe in a forum post. Quote
cooper Posted August 20, 2014 Posted August 20, 2014 Unless you place a monitoring device (like your PC or whatever) between the network switch and the router, you won't be able to monitor the traffic in any reliable fashion AND your attempts to do so will more than likely disrupt the network to the point where people will figure out you're messing with their Internets. If you equip the monitoring device with a caching proxy server (like Squid) plus a local DNS server and inform the other users on the network that you've done this to speed up their internet experience (which it actually will) you will be in an excellent position to find out what you want while rewarding your network users with improved performance. If you play your cards right, you'll be thanked for your efforts. Only the use of VPNs will defeat this, but you should see the connection with the VPN being set up and if you have the final say on what happens on that network, you can trivially block it. If you must be able to tap into the actual traffic taking place, install an extension in Squid where it plays MITM between your network and the remote site. You'll need a certificate which is placed in the truststore of the various users of your network, but it will allow your caching proxy to also cache pages and images of HTTPS sites meaning you will again be able to improve network performance. In corporate environments, particularly in the higher-security field where the company is required by law to retain some sort of historic record of what you've been doing, this isn't a very uncommon setup. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.