Jump to content

Monitoring router traffic


thedreadpirateroberts
 Share

Recommended Posts

Hello all, I've been searching the internet to no avail looking for information on monitoring the traffic through my router. I have a D-link DIR-655 wireless router with a windows box (with kali installed as a vm) wired in and a macbook air that connects wirelessly. I want to use the windows machine to monitor the traffic of all connected devices. I'm just noodling around with my own equipment and this is just for fun and curiosity. Is there a way to accomplish this?

Link to comment
Share on other sites

Thanks Barry. That's what I was thinking. I already have an alfa adapter on the way.

If you have some spare parts handy, this is kinda fun to play with. It won't work on gigabit networks, well, it will, but they drop to 100mbs.

http://www.winsnort.com/topic/24-how-to-install-this-windows-intrusion-detection-system-winids-companion-add-on/

Link to comment
Share on other sites

So, I have an Alfa AWUS036NEH usb dongle (https://hakshop.myshopify.com/products/alfa-usb-wifi-awus036neh) and Kali linux doesn't seem to be able to pick it up. In the Network Manager under Wireless Networks it is showing disconnected and no Wifi networks are being displayed. Running iwconfig i get wlan0 and I was able to to get a mon0 using the airmon -ng. Wireshark displays both wlan0 and mon0 in the interface list and I do see some packets. However, these are all broadcast packets.

Link to comment
Share on other sites

So, I have an Alfa AWUS036NEH usb dongle (https://hakshop.myshopify.com/products/alfa-usb-wifi-awus036neh) and Kali linux doesn't seem to be able to pick it up. In the Network Manager under Wireless Networks it is showing disconnected and no Wifi networks are being displayed. Running iwconfig i get wlan0 and I was able to to get a mon0 using the airmon -ng. Wireshark displays both wlan0 and mon0 in the interface list and I do see some packets. However, these are all broadcast packets.

Connect to the wifi first! You won't be running in monitor mode since wireless runs like a wired hub, unless that pesky station isolation box is checked. If you just start the wifi in rfmon, then unless the network is open, all you're going to see is broadcast packets, everything else will be encrypted.

Link to comment
Share on other sites

Yep, I do know my ssid and I know my neighbors ssid. In Windows network connections it shows multiple networks to choose from. In Kali, the network manager is showing Wired network "device not managed" and Wireless Networks "disconnected". I have the wireless adapter in "bridged" from VMware.

Connect the usb device directly to kali. "Bridged" in vmware will make kali think it's a wired network device. Sorry, didn't see you were using a virtual machine.

Link to comment
Share on other sites

Okay, I'll try that. However, changing the setting to "bridged" was something that I tried after the fact in an attempt to fix the issue. I tried adding a new network with my ssid however it won't authenticate. It keeps asking prompting for my password.

I've been digging around the internet and it seems this is common, yet I haven't found any solutions. I did find this that I think I might try when I get a chance. http://rumyittips.com/how-to-fix-your-network-adapter-for-backtrack-or-kali-linux/

Edited by thedreadpirateroberts
Link to comment
Share on other sites

Okay, I'll try that. However, changing the setting to "bridged" was something that I tried after the fact in an attempt to fix the issue. I tried adding a new network with my ssid however it won't authenticate. It keeps asking prompting for my password.

I've been digging around the internet and it seems this is common, yet I haven't found any solutions. I did find this that I think I might try when I get a chance. http://rumyittips.com/how-to-fix-your-network-adapter-for-backtrack-or-kali-linux/

Ignore the network part of that how-to. Once you directly connect the usb adapter to your vm it won't work on the host machine anymore anyway.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...