Windows 7: monitoring network traffic

02 Jul 2009   #11
zigzag3143

Win 8 Release candidate 8400
 
 
packet sniffers

Everyone, I like MS as well, but unless you install the core and parser set you are only getting a stripped-down lite version.

The Network Monitor core engine has been decoupled from the parser set. To install the full Network Monitor 3.3 product:
  • Run the setup.exe for the platform you are installing.
  • You will be prompted first to install the core engine. Follow the installation directions. Make sure you close existing instances of netmon.exe, nmcap.exe and any running NMAPI applications.
  • Next you will be prompted to install the parser package. Follow the installation directions:
As a beginner I thought the OP would think the ease of use would be the most important factor.

Ken


02 Jul 2009   #12
sup3rsprt

XP, Seven, 2008R2
 
 

A packet sniffer probably isn't going to give you enough info to work with, unless you do something like perform MITM, spoof the router's MAC address, or set up a mirrored port, which the Linksys probably cannot do.

If anyone is wired into the router via ethernet, the switch inside the router will prevent you from sniffing other people's traffic (besides doing the techniques I mentioned above).
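
Added example (not part of the post above or of any tool named in this thread): a small Python model of a learning switch, showing why a capture on one wired port sees only broadcast frames and how a mirrored port changes that. The MAC addresses, port numbers and frames are constructed for illustration.

```python
# Minimal learning-switch model (constructed; not a real device or firmware).
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    def __init__(self, ports, mirror_to=None):
        self.ports = list(ports)
        self.mirror_to = mirror_to      # port that gets a copy of every frame
        self.mac_table = {}             # source MAC -> port it was last seen on
        self.seen = defaultdict(list)   # port -> frames delivered to that port

    def receive(self, in_port, src, dst, payload):
        self.mac_table[src] = in_port   # learn where the sender is attached
        if dst != BROADCAST and dst in self.mac_table:
            out = {self.mac_table[dst]}  # known unicast: forwarded to one port
        else:
            out = set(self.ports)        # broadcast or unknown: flooded
        out.discard(in_port)
        if self.mirror_to is not None and self.mirror_to != in_port:
            out.add(self.mirror_to)
        for port in sorted(out):
            self.seen[port].append((src, dst, payload))

def run_capture(mirror_to=None):
    """Replay constructed traffic; return payloads visible on sniffer port 3."""
    pc_a, pc_b, router = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "aa:aa:aa:00:00:fe"
    sw = LearningSwitch(ports=[1, 2, 3, 4], mirror_to=mirror_to)
    frames = [  # (ingress port, source MAC, destination MAC, payload label)
        (1, pc_a, BROADCAST, "ARP who-has router"),
        (4, router, pc_a, "ARP reply"),
        (1, pc_a, router, "HTTP GET from A"),
        (4, router, pc_a, "HTTP 200 to A"),
        (2, pc_b, BROADCAST, "ARP who-has router"),
        (4, router, pc_b, "ARP reply"),
        (2, pc_b, router, "DNS query from B"),
    ]
    for frame in frames:
        sw.receive(*frame)
    return [payload for _, _, payload in sw.seen[3]]

if __name__ == "__main__":
    print("no mirror:       ", run_capture())
    print("mirror to port 3:", run_capture(mirror_to=3))
```

Without a mirror, the capture port receives only the two ARP broadcasts; with port 3 configured as the mirror, it receives all seven frames.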
02 Jul 2009   #13
akramh

Windows 7 7264x64(main), 7260x86(secendary), XP SP3 Triple Boot
 
 

Quote: Originally Posted by sup3rsprt
A packet sniffer probably isn't going to give you enough info to work with, unless you do something like perform MITM, spoof the router's MAC address, or set up a mirrored port, which the Linksys probably cannot do.

If anyone is wired into the router via ethernet, the switch inside the router will prevent you from sniffing other people's traffic (besides doing the techniques I mentioned above).
Yeah, this is what I read in some places while googling, so MITM/spoofing the router's MAC address/setting up a mirrored port are all not supported with the Linksys routers?

I played around a little with Wireshark, but it seems it can only monitor the local traffic on the locally installed NICs, unless you have something installed on the other computers... When I tried to monitor a remote computer it said that the server software was maybe not running on it....
02 Jul 2009   #14
zigzag3143

Win 8 Release candidate 8400
 
 
packet sniffer

Quote: Originally Posted by sup3rsprt
A packet sniffer probably isn't going to give you enough info to work with, unless you do something like perform MITM, spoof the router's MAC address, or set up a mirrored port, which the Linksys probably cannot do.

If anyone is wired into the router via ethernet, the switch inside the router will prevent you from sniffing other people's traffic (besides doing the techniques I mentioned above).
Not if it has remotes like Observer, and is not passive, or he runs it in the DMZ.

K
02 Jul 2009   #15
sup3rsprt

XP, Seven, 2008R2
 
 

You can do MITM or MAC spoofing on just about any router. Mirrored port will require special firmware on Linksys.

Quote: Originally Posted by zigzag3143
Not if it has remotes like Observer, and is not passive, or he runs it in the DMZ.

K
Remotes like Observer?

DMZ is not even real on Linksys routers. It's just Masquerade.
02 Jul 2009   #16
zigzag3143

Win 8 Release candidate 8400
 
 

Quote: Originally Posted by sup3rsprt
Remotes like Observer?

DMZ is not even real on Linksys routers. It's just Masquerade.
Yep, I knew you were lurking. I said nothing about Linksys.

Ken
02 Jul 2009   #17
sup3rsprt

XP, Seven, 2008R2
 
 

akramh has a Linksys router. Why you talking about DMZ?

Quote: Originally Posted by akramh
I played around a little with Wireshark, but it seems it can only monitor the local traffic on the locally installed NICs, unless you have something installed on the other computers... When I tried to monitor a remote computer it said that the server software was maybe not running on it....
Wireshark can monitor in promiscuous mode depending on your NIC and depending on if your wireless NIC supports monitor mode. I think you should be able to sniff other people's traffic with it, but it is not a very good solution unless you're an expert at reading packet captures.
02 Jul 2009   #18
akramh

Windows 7 7264x64(main), 7260x86(secendary), XP SP3 Triple Boot
 
 

Quote: Originally Posted by sup3rsprt
You can do MITM or MAC spoofing on just about any router. Mirrored port will require special firmware on Linksys.
OK, you know of any guides that I can use to do that? What software is used?

BTW, I started playing around with Microsoft Network Monitor 3.3. I noticed there are "My Traffic" and "Other Traffic" sections. Under "My Traffic" I can see the applications on my PC that are using the net. Under "Other Traffic" I can see the IP addresses that are on the network; one of them I can't even ping, but I can see some information on it, though not detailed, like I don't know what applications are being used and how much bandwidth. Here is a screenshot:


Attached Thumbnails
monitoring network trafic-network-monitoring.jpg  
02 Jul 2009   #19
zigzag3143

Win 8 Release candidate 8400
 
 
again

Quote: Originally Posted by sup3rsprt
akramh has a Linksys router. Why you talking about DMZ?

Wireshark can monitor in promiscuous mode depending on your NIC and depending on if your wireless NIC supports monitor mode. I think you should be able to sniff other people's traffic with it, but it is not a very good solution unless you're an expert at reading packet captures.
I suggested Wireshark because it's easy and free. I could have just as easily said MS, so. I said Observer and EtherPeek in case the OP ever gets to the point where he knows enough to want more, and yes, I am an expert at captures, but he isn't. When he plays some he will ask more questions, and after all, isn't that why we do this? We are here to help, not bicker.

Ken
03 Jul 2009   #20
sup3rsprt

XP, Seven, 2008R2
 
 

Quote: Originally Posted by akramh
OK, you know of any guides that I can use to do that? What software is used?
This will help you learn about MITM.

SlimJim100 - Live Demo of Cain & Able and the Man-in-the-middle-attack from Outerz0ne 5 (Hacking Illustrated Series InfoSec Tutorial Videos)

Once you are routing everyone's traffic, Wireshark will be much more effective.