SP2005 Posted May 7, 2018 Share Posted May 7, 2018 My own IP is logged in the log files and it took me some time to see that the traffic in the log files was from my own phone. Is it possible to keep my IP/Phone out of the log files ? Quote Link to comment Share on other sites More sharing options...
trashbo4t Posted May 13, 2018 Share Posted May 13, 2018 On 5/7/2018 at 10:59 AM, SP2005 said: My own IP is logged in the log files and it took me some time to see that the traffic in the log files was from my own phone. Is it possible to keep my IP/Phone out of the log files ? Is it a local IP, In a subnet range of (172.16.0.0./16 or 192.168.0.0/16) if so don't worry about it. What module are you using? The log files are either stored on the SD or Internally, so if you really want to purge your ip from logs, use the "sed" command to do string replacement on your own IP. Quote Link to comment Share on other sites More sharing options...
SP2005 Posted May 14, 2018 Author Share Posted May 14, 2018 When I use SSlsplit I can see my own traffic in the logfile. I thought it would be nice if I could keep my own traffic out of this logfile. Yes it is my own local IP like 172..... Quote Link to comment Share on other sites More sharing options...
trashbo4t Posted May 16, 2018 Share Posted May 16, 2018 172.16.0.0/16 CIDR's are not Internet routable. From an outside perspective it could be anyones IP address. Quote Link to comment Share on other sites More sharing options...
SP2005 Posted May 16, 2018 Author Share Posted May 16, 2018 When I use my phone to connect to my NANO I can see I get the IP 172.... in the settings on my phone. When I look in the logfile of the NANO, I can see the same IP. So I'm pretty sure that it is my own IP I can see in the logfile. Quote Link to comment Share on other sites More sharing options...
sebaz Posted May 16, 2018 Share Posted May 16, 2018 (edited) What exactly is the problem with that? as trashbo4t said: 172.16.0.0/16 CIDR's are not Internet routable. From an outside perspective it could be anyones IP address. The pineapple DHCP gives you this local, unroutable IP to connect to the Pineapple. It is not unique to the phone, and doesn't say anything about your traffic or your device. It is basically useless to anyone getting acces to it, because anytime you connect your phone to your pineapple you will get a new one. Edited May 16, 2018 by sebaz Quote Link to comment Share on other sites More sharing options...
trashbo4t Posted May 16, 2018 Share Posted May 16, 2018 1 hour ago, SP2005 said: When I use my phone to connect to my NANO I can see I get the IP 172.... in the settings on my phone. When I look in the logfile of the NANO, I can see the same IP. So I'm pretty sure that it is my own IP I can see in the logfile. Here is some more information: https://en.wikipedia.org/wiki/Private_network Quote Link to comment Share on other sites More sharing options...
SP2005 Posted May 16, 2018 Author Share Posted May 16, 2018 Imagine if you put up a hotspot and a lot of people connect to your hotspot they create a lot of traffic in the logfile. If you later goes through this logfile, to see what kind of data people was creating, you would not only see other peoples traffic but also your own traffic, which I want to sort out. I hope not this is hard to understand. Quote Link to comment Share on other sites More sharing options...
sebaz Posted May 16, 2018 Share Posted May 16, 2018 If you want to capture and analyse traffic, you are better of using wireshark with your pineapple. With wireshark you can easily filter traffic per IP/device. https://www.wireshark.org/ Quote Link to comment Share on other sites More sharing options...
SP2005 Posted May 16, 2018 Author Share Posted May 16, 2018 I can see I have to find out how I get those log files in my NANO and run them through Wireshark, for better view. Quote Link to comment Share on other sites More sharing options...
Couchfault Posted May 16, 2018 Share Posted May 16, 2018 I'm not sure exactly what you're trying to log. If you're just trying to capture packets: tcpdump -i [interface] -w /path/to/savefile.pcap 'host not [your ip]' Then you can download /path/to/savefile.pcap from your WiFi Pineapple and analyze it using wireshark or a number of other tools. Quote Link to comment Share on other sites More sharing options...
trashbo4t Posted May 16, 2018 Share Posted May 16, 2018 (edited) 18 minutes ago, Tesla said: I'm not sure exactly what you're trying to log. If you're just trying to capture packets: tcpdump -i [interface] -w /path/to/savefile.pcap 'host not [your ip]' Then you can download /path/to/savefile.pcap from your WiFi Pineapple and analyze it using wireshark or a number of other tools. Note this will only capture traffic if the ip youre filtering out is not that of your gateway/pineapple. i.e filter out your phones local IP not the pineapple, or else you wont capture any data of value or jut simplex traffic. Edited May 16, 2018 by trashbo4t Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.