Help me be in charge of my network!
June 30, 2010 10:38 AM Subscribe
Wireless router questions: monitoring traffic and custom firmware.
I'm running a Belkin wireless router at home (dual-band; don't know the model number offhand) and as the person in charge of the internet bill and the home network, I'd like to put myself more in charge of things.
1. How can I monitor what people are doing on the network? i.e. If there's a friend of a friend using my network, I'd like to know what they're up to. (I'm more interested in "They were on Facebook" rather than "Great, now I have their login information!" Just a general idea is more than enough.)
I don't want to debate the ethics of this, thanks.
2. I've read that setting up custom firmware can make my router more secure, but secure from what? How do I make custom firmware? What else should I know to be the Ultimate Network Hero? (For this step, please act as if I'm clueless about how routers work.)
Thanks, MeFi!
I'm running a Belkin wireless router at home (dual-band; don't know the model number offhand) and as the person in charge of the internet bill and the home network, I'd like to put myself more in charge of things.
1. How can I monitor what people are doing on the network? i.e. If there's a friend of a friend using my network, I'd like to know what they're up to. (I'm more interested in "They were on Facebook" rather than "Great, now I have their login information!" Just a general idea is more than enough.)
I don't want to debate the ethics of this, thanks.
2. I've read that setting up custom firmware can make my router more secure, but secure from what? How do I make custom firmware? What else should I know to be the Ultimate Network Hero? (For this step, please act as if I'm clueless about how routers work.)
Thanks, MeFi!
Sidenote---it may be possible to enable logging in your router. Be aware that depending on your router, this may or may not generate gobs of data, and may only show post-dns entries (IP addresses of remote computers), versus real domain names. This may show you what people are doing, but probably not so much.
posted by TomMelee at 11:22 AM on June 30, 2010
posted by TomMelee at 11:22 AM on June 30, 2010
Without the specific model of your router, I would not be able to point you to any info as to whether you can set up your router with custom firmware or not. Only certain models support this, and it takes, IMO, above average tech skills to deal with.
As a sys admin, I have used custom firmware on my routers in the past, but I no longer do so, as I found more recent hardware performed a great deal better, and custom firmware is not yet available for these.
As for monitoring what people are doing on the network, you'll need to know MAC addresses of all the computers in the house, and check the logs (if any) that those MAC addresses generate. If the question is friend's devices, rather than the stuff in the house that is always on the network, then figure out which MACs are "normal" and scan the logs for unknown MACs. Tbh, I don't really see why you would be concerned about this, unless you're having a problem with folks on your network going to sites where they might pick up a malware and infect the other computers on the network.
posted by unixgeek at 11:25 AM on June 30, 2010
As a sys admin, I have used custom firmware on my routers in the past, but I no longer do so, as I found more recent hardware performed a great deal better, and custom firmware is not yet available for these.
As for monitoring what people are doing on the network, you'll need to know MAC addresses of all the computers in the house, and check the logs (if any) that those MAC addresses generate. If the question is friend's devices, rather than the stuff in the house that is always on the network, then figure out which MACs are "normal" and scan the logs for unknown MACs. Tbh, I don't really see why you would be concerned about this, unless you're having a problem with folks on your network going to sites where they might pick up a malware and infect the other computers on the network.
posted by unixgeek at 11:25 AM on June 30, 2010
If your worry is what unixgeek brings up, security of your own network, pfsense is again a good choice. You can run that with an extra NIC for guest wireless. You can configure that to access the internet, but not your LAN.
posted by Climber at 11:46 AM on June 30, 2010
posted by Climber at 11:46 AM on June 30, 2010
This thread is closed to new comments.
When you hear of custom firmware on routers, you generally hear about it in regards to the Linksys WRT54G, now the WRT54GL router. Basically, to save money, Linksys (Cisco) installed a dumbed down version of Linux instead of creating a custom software set. People realized it, and wrote custom firmware like DD-WRT and Tomato. (I prefer Tomato myself, but it's been a while for either.)
Both are very cool, and give you basically full control over all the hardware inside the router. Here's a lifehacker article w/ a good jumping off point for you.
Anyway, the probability that you're going to find custom firmware for your belkin is slim to none, in my experience. You can, however, pick up a shiny new WRT54GL w/ high-gain antennae and a heatsink on the chip (to prevent overheating when you increase the signal power) for about $50-$80, with the custom firmware already installed. Here's one. I am not affiliated w/ this person.
As for snooping on traffic...it's hard to do this from a computer downstream from the router if the router does not include the functionality (your belkin does not), based simply on the way the router isolates traffic.
You can do a lot of fun things---limit material by keyword, limit bandwidth by time, limit applications by time, but actually seeing packet data is going to be difficult if you're not either using a real computer as your router or you're not a power user with custom firmware. There are options out there like netsnoop, but again that is likely over your head and in most cases borderline illegal. (although it is your own network, I believe an individuals traffic is somewhat automatically private unless declared otherwise. I could be wrong about this.)
Should you really want to be hardcore about this, your best bet is to build a cheap little box with two NIC's to use as your router, then turn off the routing functionality of your router and use it as an access point instead---at which point you can see everything everybody does if you have the skill. If you do this without the use of something like pfSense, you're begging to get Pwnt by people with more skill than yourself.
posted by TomMelee at 11:20 AM on June 30, 2010