Questions about packet sniffing
Okay, so I want to sniff all info that is communicated on our LAN through HTTP port 80 by all our comps. What is the best way of doing this? Do I use something like DSniff Control, and what's the best feature to use (still trying to get my head round ARPspoof etc.), and where would I place this application? Essentially I need to intercept communications done through Google Talk, and as it is being used here via a web browser, I suspect it is in cleartext over port 80. It is a security issue at work.
The network consists of a router connected to a hub, and then each of the computers on the LAN is patched into the hub, including our Mac OS X Server. Would I place DSniff or similar on the server? Or can I get it to monitor traffic through the router from my Mac?
Also what is the best way of directly sniffing traffic from a specific mac on the network?
I've spent a long time reading up and attempting to get various sniffers to work, but am clueless in TCP/IP 'acking like.
Any help really appreciated, thank you!
Comments
I've found a machine hanging off the wired network misses stuff. The interception method is the best way to go. Do consider that this manner of sniffing may be illegal without notifying the individuals that are being monitored, depending on the laws of the land.
http://personalpages.tds.net/~brian_hill/macsniffer.html
Consider the network topography. If you have all switches, then there'll be packets on the network that never reach the monitoring computer. Hence, the machine at the head of the network as a catch-all.
Thanks for the advice Biffsta!
Count on the wired network being holey. Wireless security is a tightrope act between accessibility and security.