Being a class-A busybody on an effort budget
January 17, 2008 9:30 PM Subscribe
Wall-of-sheep type network monitor for user-configurable interesting traffic (URLs, IM conversations)?
I'm interested in the traffic that goes across a guest network at my house, but not interested enough to pull apart and re-assemble packets (I do enough of that at work). Ideally I'd like to check into a web page and have it present the clear-text URLs, IMs and other fun data it's caught during the day. Like a wall-of-sheep or Etherpeg with logging. I've already got the span port and beefy, under-utilized linux box in place. Any software recommendations?
I'm interested in the traffic that goes across a guest network at my house, but not interested enough to pull apart and re-assemble packets (I do enough of that at work). Ideally I'd like to check into a web page and have it present the clear-text URLs, IMs and other fun data it's caught during the day. Like a wall-of-sheep or Etherpeg with logging. I've already got the span port and beefy, under-utilized linux box in place. Any software recommendations?
I'm not trying to be a jerk... but are you leaving a guest network open just so you can snoop in people's traffic? That seems a little disingenuous... doesn't it? I mean we've all been stuck without a connection at one point or the other and hopped on an open wifi channel.
It's your connection so obviously it's your rules, but karma-wise some might argue it would be better to leave it open and not log. Or least make the SSID = "I am logging! Use https!"
posted by sharkfu at 11:06 PM on January 17, 2008 [1 favorite]
It's your connection so obviously it's your rules, but karma-wise some might argue it would be better to leave it open and not log. Or least make the SSID = "I am logging! Use https!"
posted by sharkfu at 11:06 PM on January 17, 2008 [1 favorite]
Best answer: sounds like you want to use urlsnarf and/or some of the other tools out of Dug Song's dsniff toolkit... source here, faq here, and available packed for all decent linux distributions... if you install prepackaged, check if your distro offers dsniff-devel or similar as well as dsniff - the last "release" (2.4b1) is technically labelled a beta, so some distros package it distinctly from the previous even older "stable" release... it's not seen active development in ages, but then again the protocols it peeks into haven't changed much in the last few years either...
posted by russm at 12:58 AM on January 18, 2008
posted by russm at 12:58 AM on January 18, 2008
This thread is closed to new comments.
posted by rhizome at 10:38 PM on January 17, 2008