|
|||||||
| Hardware Discussion & Support Discuss your computer - its components or ANY hardware, past/current/future you want, or ask our forum experts if you have a general problem with your hardware. |
 |
|
|
Thread Tools |
Sep 19, 2003, 02:05 AM
|
#1 |
|
Frikkin COmputer~!
Join Date: Jul 2002
Location: Kaysville, Utah
Posts: 131
Rep Power: 0  |
network sniffing software
If anyone knows of some good network sniffing software could you please post the name of it, and possibly a web site where i can download it...thanks..
|
|
|
|
Sep 19, 2003, 02:11 AM
|
#2 |
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0 |
Ethereal is the best one I know of. If you want wireless, look at Kismet. Um... what platform are you using? That's pretty important.
__________________
[img][/img] [color=White]Peace be with you, Joe.[/color] Driverheaven Staff Member (Supermoderator) |
|
|
|
|
Sep 19, 2003, 02:13 AM
|
#3 | |
|
Obvious Closet Brony Pony
|
what do you use this program for?
__________________
Quote:
|
|
|
|
|
|
Sep 19, 2003, 02:41 AM
|
Thread Starter
#4
|
|
Frikkin COmputer~!
Join Date: Jul 2002
Location: Kaysville, Utah
Posts: 131
Rep Power: 0 |
well im not sure how it would work, but i would be plugging my laptop into the network here at school to find out where all the bandwidth is going...i am kindof a sub at since the other one left two weeks ago and we are awaiting the arrival of the new one....
|
|
|
|
|
Sep 19, 2003, 02:42 AM
|
#5 |
|
Number Nine
|
|
|
|
|
|
Sep 19, 2003, 08:47 AM
|
#6 | |
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0 |
Quote:
 Its pretty powerful in a complicated way... you deal with stuff going all the way down to the hex headers for packets if you need to. What is the network setup? Is it a switched network? Do you have access to the routers for the network? Why do you need to find out where the bandwidth is going with network sniffing? I would think that for that it would be significantly easier to just look at logs from your border routers and see what protocol/ports are being used to get an idea of what programs are using up your bandwidth (kazaa if not blocked can consume obscene amounts of bandwidth), and restrict the ports that people are using that you don't want to and rate limit those that are being abused but should stay open, and then keep track of MAC addresses or IPs of offenders and systematically check the computers on your network.
__________________
[img][/img] [color=White]Peace be with you, Joe.[/color] Driverheaven Staff Member (Supermoderator) |
|
|
|
|
|
Sep 19, 2003, 12:05 PM
|
#7 |
|
DriverHeaven Junior Member
Join Date: Jul 2002
Location: Jakarta
Posts: 24
Rep Power: 0 |
WildPacket Etherpeek is one of the best sniffing tools. but, becarefull when you sniff your school network. it might be illegal in some countries, esp US.
you can try Sniffer PRO, eEye IRIS (this one is good when reconstructing HTTP packets) |
|
|
|
|
Sep 19, 2003, 12:16 PM
|
#8 |
|
Live from the Dungeon
Join Date: May 2003
Location: Between the SubWoofers
Posts: 1,395
Rep Power: 0 
|
Iris by eEye
One of the best Sniffers out there now is made by eEye Digital Security. The program is a called Iris . We have been testing this program out at work and it is pretty scarry how powerful this one is...... Small example...... I was able to see the EXACT webpage a guy in our lab went to and also found out what his password was since it was transmited in clear text. Now when I say I was able to see the webpage I don't just mean the name.... I was able to bring up the page in the sniffer just from the content sniffing...... One other small example... we sent a test e-mail with an attatchment.... we were able to grab the e-mail and the attachment and open them on the sniffing mach.......
  To get this one... check your local Newsgroup...  or get a demo from the link above...
|
|
|
|
|
Sep 19, 2003, 07:07 PM
|
#9 |
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0 |
I still rather like Ethereal, I like the feel of it since I learned almost everything I did from using it on my home network
 However, IRIS is looking interesting, I'm definitely gonna take a look
__________________
[img][/img] [color=White]Peace be with you, Joe.[/color] Driverheaven Staff Member (Supermoderator) |
|
|
|
|
Sep 20, 2003, 05:06 AM
|
#10 |
|
DriverHeaven Junior Member
Join Date: Sep 2003
Posts: 29
Rep Power: 0 |
we use Iris on my campus, just today someone on wireless was looking for child porn and we were able to bust him pretty quick.
|
|
|
|
|
Sep 20, 2003, 05:08 AM
|
#11 |
|
Banned
Join Date: Nov 2002
Location: In clothing
Posts: 3,510
Rep Power: 0
|
Hmm, I'll just add my opinion. I like Etheral the best as well.
|
|
|
|
|
Sep 20, 2003, 02:45 PM
|
Thread Starter
#12
|
|
|
Frikkin COmputer~!
Join Date: Jul 2002
Location: Kaysville, Utah
Posts: 131
Rep Power: 0 |
Quote:
There are some times of the day that the internet is extremely slow, and we have teachers that are complaining that their students "cant get to sites, and the internet is really slow"...so we are trying to find out where all the bandwidth is going...my guess is it is students playing online games...i do have access to the routers, and it is a switched network, it would be nice to see exactly where the users are going, and what they are doing, as i do know there are a lot of people that are places they shouldnt be...our theory is kazaa or downloading in general is ok after school, during school the users need to be able to access sites be it for research or just e-mailing homework home....where would i find out what ports to block??...i dont know what ports kazaa runs on??....I have a pretty good idea of the routers and all that stuff, as i have taken CISCO, but im not the best....i really need to study!!!....thanks for all your help.... |
|
|
|
|
|
Sep 21, 2003, 06:55 AM
|
#13 | |
|
confutatis maledictis
|
Quote:
__________________
Digitalis 3.3 Athlon 64 3000 // ASUS K8V SE Deluxe // 1024MB PC3200 (2-2-2-10 1T)
ATI All-In-Wonder 9700 Pro // 20" Dell 2005FPW (DVI) M-Audio Revo 7.1 + Philips Acoustic Edge // Klipsch ProMedia 2.1 320/16 Western Digital WD3200KS + 120/8 Seagate 7200.7 NEC ND-3550A 16x DVD±RW + Lite-On 52x24x CD-RW Antec Sonata case // 480W Antec TruePower personal bests || Aq'3: 46796 | 3D'01: 20461 | 3D'03: 6336 | 3D'05: 2677 | PC'04: 4605 | PC'02: 7691,9092,1250 |
|
|
|
|
|
Sep 21, 2003, 10:39 AM
|
#14 |
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0 |
Students will be able to get around that, though, just by changing the port or using HTTP tunneling. My idea is to set up a server to control the routers and set up crons on a schedule to run scripts to rate limit all ports but 80 (http) during regular school hours to 5kb/s, and if someone needs more than that to talk to you about it
Online games won't absorb your bandwidth much unless someone is running something like a 64 person bf1942 server (can saturate a t3)
__________________
[img][/img] [color=White]Peace be with you, Joe.[/color] Driverheaven Staff Member (Supermoderator) |
|
|
|
|
| Thread Tools | |
|
|
