Sep 18, 2003, 08:05 PM
|
#1
|
|
Frikkin COmputer~!
Join Date: Jul 2002
Location: Kaysville, Utah
Posts: 130
Rep Power: 0
|
network sniffing software
If anyone knows of some good network sniffing software could you please post the name of it, and possibly a web site where I can download it...thanks..
|
|
|
Sep 18, 2003, 08:11 PM
|
#2
|
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0
|
Ethereal is the best one I know of. If you want wireless, look at Kismet. Um... what platform are you using? That's pretty important.
|
|
|
Sep 18, 2003, 08:13 PM
|
#3
|
|
DH's Dormant Dragon
Join Date: May 2002
Location: IN Rem-Dormancy
Posts: 24,189
|
What do you use this program for?
|
|
|
Sep 18, 2003, 08:41 PM
|
#4
|
|
Frikkin COmputer~!
Join Date: Jul 2002
Location: Kaysville, Utah
Posts: 130
Rep Power: 0
|
Well, I'm not sure how it would work, but I would be plugging my laptop into the network here at school to find out where all the bandwidth is going...I am kind of a sub at since the other one left two weeks ago and we are awaiting the arrival of the new one....
|
|
|
Sep 18, 2003, 08:42 PM
|
#5
|
|
DriverHeaven Extreme Member
Join Date: May 2002
Location: Nova Scotia
Posts: 4,473
|
Etherpeek was a good one
Grab the demo Here !!!
|
|
|
Sep 19, 2003, 02:47 AM
|
#6
|
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0
|
Quote:
Originally posted by giganick
Well, I'm not sure how it would work, but I would be plugging my laptop into the network here at school to find out where all the bandwidth is going...I am kind of a sub at since the other one left two weeks ago and we are awaiting the arrival of the new one....
|
You'd be lost with Ethereal. It's pretty powerful in a complicated way... you deal with stuff going all the way down to the hex headers for packets if you need to. What is the network setup? Is it a switched network? Do you have access to the routers for the network? Why do you need to find out where the bandwidth is going with network sniffing? I would think that for that it would be significantly easier to just look at logs from your border routers and see what protocol/ports are being used to get an idea of what programs are using up your bandwidth (Kazaa if not blocked can consume obscene amounts of bandwidth), and restrict the ports that people are using that you don't want to and rate limit those that are being abused but should stay open, and then keep track of MAC addresses or IPs of offenders and systematically check the computers on your network.
|
|
|
Sep 19, 2003, 06:05 AM
|
#7
|
|
DriverHeaven Junior Member
Join Date: Jul 2002
Location: Jakarta
Posts: 24
Rep Power: 0
|
WildPacket Etherpeek is one of the best sniffing tools. But be careful when you sniff your school network. It might be illegal in some countries, esp. US.
You can try Sniffer PRO, eEye IRIS (this one is good when reconstructing HTTP packets).
|
|
|
Sep 19, 2003, 06:16 AM
|
#8
|
|
Live from the Dungeon
Join Date: May 2003
Location: Between the SubWoofers
Posts: 1,395
Rep Power: 0
|
Iris by eEye
One of the best sniffers out there now is made by eEye Digital Security. The program is called Iris. We have been testing this program out at work and it is pretty scary how powerful this one is...... Small example...... I was able to see the EXACT webpage a guy in our lab went to and also found out what his password was since it was transmitted in clear text. Now when I say I was able to see the webpage I don't just mean the name.... I was able to bring up the page in the sniffer just from the content sniffing...... One other small example... we sent a test e-mail with an attachment.... we were able to grab the e-mail and the attachment and open them on the sniffing mach.......
To get this one... check your local Newsgroup... or get a demo from the link above...
|
|
|
Sep 19, 2003, 01:07 PM
|
#9
|
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0
|
I still rather like Ethereal, I like the feel of it since I learned almost everything I did from using it on my home network. However, IRIS is looking interesting, I'm definitely gonna take a look.
|
|
|
Sep 19, 2003, 11:06 PM
|
#10
|
|
DriverHeaven Junior Member
Join Date: Sep 2003
Posts: 29
Rep Power: 0
|
We use Iris on my campus, just today someone on wireless was looking for child porn and we were able to bust him pretty quick.
|
|
|
Sep 19, 2003, 11:08 PM
|
#11
|
|
Banned
Join Date: Nov 2002
Location: In clothing
Posts: 3,510
Rep Power: 0
|
Hmm, I'll just add my opinion. I like Ethereal the best as well.
|
|
|
Sep 20, 2003, 08:45 AM
|
#12
|
|
Frikkin COmputer~!
Join Date: Jul 2002
Location: Kaysville, Utah
Posts: 130
Rep Power: 0
|
Quote:
Originally posted by ToshiroOC
You'd be lost with Ethereal. It's pretty powerful in a complicated way... you deal with stuff going all the way down to the hex headers for packets if you need to. What is the network setup? Is it a switched network? Do you have access to the routers for the network? Why do you need to find out where the bandwidth is going with network sniffing? I would think that for that it would be significantly easier to just look at logs from your border routers and see what protocol/ports are being used to get an idea of what programs are using up your bandwidth (Kazaa if not blocked can consume obscene amounts of bandwidth), and restrict the ports that people are using that you don't want to and rate limit those that are being abused but should stay open, and then keep track of MAC addresses or IPs of offenders and systematically check the computers on your network.
|
There are some times of the day that the internet is extremely slow, and we have teachers that are complaining that their students "can't get to sites, and the internet is really slow"...so we are trying to find out where all the bandwidth is going...my guess is it is students playing online games...I do have access to the routers, and it is a switched network, it would be nice to see exactly where the users are going, and what they are doing, as I do know there are a lot of people that are places they shouldn't be...our theory is Kazaa or downloading in general is ok after school, during school the users need to be able to access sites be it for research or just e-mailing homework home....where would I find out what ports to block??...I don't know what ports Kazaa runs on??....I have a pretty good idea of the routers and all that stuff, as I have taken CISCO, but I'm not the best....I really need to study!!!....thanks for all your help....
|
|
|
Sep 21, 2003, 12:55 AM
|
#13
|
|
confutatis maledictis
Join Date: May 2002
Location: somewhere dark
Posts: 5,952
Rep Power: 0
|
Quote:
Originally posted by giganick
I don't know what ports Kazaa runs on??....
|
Kazaa usually runs on port 1214.
|
|
|
Sep 21, 2003, 04:39 AM
|
#14
|
|
Unbiased.
Join Date: Jun 2002
Posts: 4,812
Rep Power: 0
|
Students will be able to get around that, though, just by changing the port or using HTTP tunneling. My idea is to set up a server to control the routers and set up crons on a schedule to run scripts to rate limit all ports but 80 (http) during regular school hours to 5kb/s, and if someone needs more than that to talk to you about it. Online games won't absorb your bandwidth much unless someone is running something like a 64 person bf1942 server (can saturate a t3).
|
|
|
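The approach suggested in posts #6 and #14 (total up border-router traffic by port, then follow up by IP and MAC, keeping in mind that users can move off port 1214), as an added example that is not part of the original thread. The record format, addresses, byte counts and the list of expected ports are constructed assumptions, not the output of any particular router.

```python
from collections import Counter

# Constructed sample records (not from a real router). Assumed format:
# time src_ip src_mac dst_ip proto dst_port bytes
SAMPLE_LOG = """\
09:00:01 10.0.1.21 00:11:22:33:44:01 198.51.100.7 tcp 80 48213
09:00:02 10.0.1.35 00:11:22:33:44:02 203.0.113.9 tcp 1214 9120045
09:00:04 10.0.1.21 00:11:22:33:44:01 198.51.100.7 tcp 80 51002
09:00:05 10.0.1.35 00:11:22:33:44:02 203.0.113.40 tcp 1214 7340210
09:00:07 10.0.1.48 00:11:22:33:44:03 192.0.2.15 tcp 40123 6200300
09:00:09 10.0.1.52 00:11:22:33:44:04 198.51.100.20 tcp 25 20480
malformed line that should be skipped
09:00:11 10.0.1.48 00:11:22:33:44:03 192.0.2.15 tcp 40123 5900100
"""

EXPECTED_PORTS = {25, 53, 80, 110, 443}   # assumption: what this school allows
WATCHED_PORTS = {1214: "Kazaa"}           # port named in the thread

def parse(log):
    """Yield (src_ip, src_mac, dst_port, nbytes) for each well-formed line."""
    for line in log.splitlines():
        f = line.split()
        if len(f) != 7 or not (f[5].isdigit() and f[6].isdigit()):
            continue  # skip truncated or garbled records
        yield f[1], f[2], int(f[5]), int(f[6])

def summarize(log, heavy_bytes=1_000_000):
    """Return bytes per port, bytes per host, and heavy users of unexpected ports."""
    by_port, by_host, unusual = Counter(), Counter(), Counter()
    for ip, mac, port, n in parse(log):
        by_port[port] += n
        by_host[(ip, mac)] += n
        if port not in EXPECTED_PORTS:
            unusual[(ip, mac, port)] += n
    # Flag by volume on any unexpected port, so a client that was moved
    # off 1214 to another port still shows up.
    flagged = [(ip, mac, port, WATCHED_PORTS.get(port, "unknown"), n)
               for (ip, mac, port), n in unusual.most_common()
               if n >= heavy_bytes]
    return by_port, by_host, flagged

if __name__ == "__main__":
    by_port, by_host, flagged = summarize(SAMPLE_LOG)
    for port, n in by_port.most_common(3):
        print(f"port {port:<5} {n:>10} bytes")
    for ip, mac, port, label, n in flagged:
        print(f"check {ip} ({mac}): {n} bytes on port {port} [{label}]")
```

Traffic tunneled over HTTP lands on port 80 and is not flagged by the port check; the per-host totals in `by_host` are where that would show up.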