thedreadpirateroberts Posted September 15, 2014 Posted September 15, 2014 Hello all, I've been searching the internet to no avail looking for information on monitoring the traffic through my router. I have a D-link DIR-655 wireless router with a windows box (with kali installed as a vm) wired in and a macbook air that connects wirelessly. I want to use the windows machine to monitor the traffic of all connected devices. I'm just noodling around with my own equipment and this is just for fun and curiosity. Is there a way to accomplish this? Quote
barry99705 Posted September 15, 2014 Posted September 15, 2014 You can't monitor with that router, but you can put a network tap between the router and another switch, then attached your wired devices off the switch. Wifi is easier, just hook up a usb wireless adapter to your kali vm, but it in monitor mode and start up wireshark. Quote
thedreadpirateroberts Posted September 15, 2014 Author Posted September 15, 2014 Thanks Barry. That's what I was thinking. I already have an alfa adapter on the way. Quote
barry99705 Posted September 16, 2014 Posted September 16, 2014 Thanks Barry. That's what I was thinking. I already have an alfa adapter on the way. If you have some spare parts handy, this is kinda fun to play with. It won't work on gigabit networks, well, it will, but they drop to 100mbs. http://www.winsnort.com/topic/24-how-to-install-this-windows-intrusion-detection-system-winids-companion-add-on/ Quote
thedreadpirateroberts Posted September 19, 2014 Author Posted September 19, 2014 So, I have an Alfa AWUS036NEH usb dongle (https://hakshop.myshopify.com/products/alfa-usb-wifi-awus036neh) and Kali linux doesn't seem to be able to pick it up. In the Network Manager under Wireless Networks it is showing disconnected and no Wifi networks are being displayed. Running iwconfig i get wlan0 and I was able to to get a mon0 using the airmon -ng. Wireshark displays both wlan0 and mon0 in the interface list and I do see some packets. However, these are all broadcast packets. Quote
barry99705 Posted September 20, 2014 Posted September 20, 2014 So, I have an Alfa AWUS036NEH usb dongle (https://hakshop.myshopify.com/products/alfa-usb-wifi-awus036neh) and Kali linux doesn't seem to be able to pick it up. In the Network Manager under Wireless Networks it is showing disconnected and no Wifi networks are being displayed. Running iwconfig i get wlan0 and I was able to to get a mon0 using the airmon -ng. Wireshark displays both wlan0 and mon0 in the interface list and I do see some packets. However, these are all broadcast packets. Connect to the wifi first! You won't be running in monitor mode since wireless runs like a wired hub, unless that pesky station isolation box is checked. If you just start the wifi in rfmon, then unless the network is open, all you're going to see is broadcast packets, everything else will be encrypted. Quote
thedreadpirateroberts Posted September 20, 2014 Author Posted September 20, 2014 I'm unable to see any wireless networks from the network manager in Kali to connect to. Is there any way to get kali to see these? I know there are several around me. Quote
barry99705 Posted September 20, 2014 Posted September 20, 2014 I'm unable to see any wireless networks from the network manager in Kali to connect to. Is there any way to get kali to see these? I know there are several around me. Uhh, you should know your wifi ssid. Quote
thedreadpirateroberts Posted September 20, 2014 Author Posted September 20, 2014 Yep, I do know my ssid and I know my neighbors ssid. In Windows network connections it shows multiple networks to choose from. In Kali, the network manager is showing Wired network "device not managed" and Wireless Networks "disconnected". I have the wireless adapter in "bridged" from VMware. Quote
barry99705 Posted September 21, 2014 Posted September 21, 2014 Yep, I do know my ssid and I know my neighbors ssid. In Windows network connections it shows multiple networks to choose from. In Kali, the network manager is showing Wired network "device not managed" and Wireless Networks "disconnected". I have the wireless adapter in "bridged" from VMware. Connect the usb device directly to kali. "Bridged" in vmware will make kali think it's a wired network device. Sorry, didn't see you were using a virtual machine. Quote
thedreadpirateroberts Posted September 21, 2014 Author Posted September 21, 2014 (edited) Okay, I'll try that. However, changing the setting to "bridged" was something that I tried after the fact in an attempt to fix the issue. I tried adding a new network with my ssid however it won't authenticate. It keeps asking prompting for my password. I've been digging around the internet and it seems this is common, yet I haven't found any solutions. I did find this that I think I might try when I get a chance. http://rumyittips.com/how-to-fix-your-network-adapter-for-backtrack-or-kali-linux/ Edited September 21, 2014 by thedreadpirateroberts Quote
barry99705 Posted September 21, 2014 Posted September 21, 2014 Okay, I'll try that. However, changing the setting to "bridged" was something that I tried after the fact in an attempt to fix the issue. I tried adding a new network with my ssid however it won't authenticate. It keeps asking prompting for my password. I've been digging around the internet and it seems this is common, yet I haven't found any solutions. I did find this that I think I might try when I get a chance. http://rumyittips.com/how-to-fix-your-network-adapter-for-backtrack-or-kali-linux/ Ignore the network part of that how-to. Once you directly connect the usb adapter to your vm it won't work on the host machine anymore anyway. Quote
thedreadpirateroberts Posted September 24, 2014 Author Posted September 24, 2014 After fiddling around and trying everything just about every source on the internet has mentioned on this, I got everything working properly. The solution was simply placing the alfa usb dongle into a different USB port. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.