Recommend Packet Sniffers & Network Security Tools Something I saw on the news this morning...

[iceblade1405241492 0]

On the news this morning, they were talking about packet sniffers and how people could use them for less then desireable deeds.So, while I don't want one for dubious deeds, I would like one to check up on our network... Our network isn't secured (my dad doesn't want to for some reason?) so I would like to check up and make sure that our neighbors aren't doing anything illegal. So, anyone know of any safe sniffers to monitor network access? Or, really, any utility to do it satisfactorily. It would be an added bonus if you could block offenders. Would also be nice if you could tell their OS system, as I am the main windows user in my house... My dad has one for work, but prefers his mac. Anyway. So if it was windows, I could be sure that it was most likely a neighbor; especially if my dad was off on a business trip of some sort. Free would be nice too...Any other nice security utilities? I know that keyloggers are often hailed as being things to ruin other peoples electronic lives, but I would like one also as a security utility. Any other interesting utilities I may be interested in? Thanks.

[nightfox1405241487 0]

A good free packet sniffer is Ethereal. Link: http://www.aos5.com/cloud_acquired
I use it on my home network to see where bandwidth is going if I notice it's running slow. In order to have it real-time and display all the packets, you have to jump into the configuration.

If you're paranoid about your neighbors, most routers keep access logs (that's how I found my neighbors accross the street on my network) so check and block your neighbor's MAC address(es) (that is if you want to be the mean network admin). Ethereal is a more "advanced" packet sniffer. It sees EVERYTHING (I've been able to read AIM conversations in the packet) that isn't encrypted. If you want to check up on your neighbors, but don't want to have to read a ton of technical data, you'll have to search.

WARNING: DO NOT do anything STUPID with security tools. You're walking on a THIN LINE with them. Some people will look at you as a malicous hacker while others will think you're network security. Most keyloggers are already known so running a spyware scan will reveal them (same with VNCs). That is, unless, you write your own.

Remember: Security tools are NOT toys! They are "tools" and tools are ment to do jobs. You wouldn't play around with a jack-hammer, so don't play around with security tools.

[N]F

Edited May 22, 2006 by nightfox (see edit history)

[iceblade1405241492 0]

A good free packet sniffer is Ethereal. Link: http://www.aos5.com/cloud_acquired

I use it on my home network to see where bandwidth is going if I notice it's running slow. In order to have it real-time and display all the packets, you have to jump into the configuration.

 

If you're paranoid about your neighbors, most routers keep access logs (that's how I found my neighbors accross the street on my network) so check and block your neighbor's MAC address(es) (that is if you want to be the mean network admin). Ethereal is a more "advanced" packet sniffer. It sees EVERYTHING (I've been able to read AIM conversations in the packet) that isn't encrypted. If you want to check up on your neighbors, but don't want to have to read a ton of technical data, you'll have to search.

 

WARNING: DO NOT do anything STUPID with security tools. You're walking on a THIN LINE with them. Some people will look at you as a malicous hacker while others will think you're network security. Most keyloggers are already known so running a spyware scan will reveal them (same with VNCs). That is, unless, you write your own.

 

Remember: Security tools are NOT toys! They are "tools" and tools are ment to do jobs. You wouldn't play around with a jack-hammer, so don't play around with security tools.

 

[N]F

 

 

Okay, that is a good call back to reality. As for being a hacker, yeah, I get that. And thanks for the warning... But, they would be on my family's internet connection, so... Anyway, thanks. I will keep this in mind. Thanks!

[seec77 0]

I always found AnalogX PacketMon to be adequate for my modest sniffing needs. I remember having a problem with it due to my router at one point, but I think that I was able to use it normally afterwards... but just check for yourself! This program is also really good for reverse engineering a protocol or something!

[snutz411 0]

If you are familiar with Linux, you may want to use a Live-CD called PHLAK. It is short for Professional Hackers Linux Assault Kit. It has all the network security tools that any script kiddie would need or want. I won't tell you have to use any of it since that would probably be for the best, but all the tools are pretty much command line.If you want to use this distro of Linux, then learn command line. It is seriously worth it if you want to just be knowledgable of another OS.

[yordan 10]

Seems to be very promissing.Unfortunately, Ethereal crashes on my system, with error :13:53:56 Err file emem.c: line 252: assertion failed: (ret == TRUE)Press any key to exitToo bad, seemed a great idea.Yordan

[nightfox1405241487 0]

Seems to be very promissing.Unfortunately, Ethereal crashes on my system, with error :
13:53:56 Err file emem.c: line 252: assertion failed: (ret == TRUE)
Press any key to exit

Too bad, seemed a great idea.

Yordan

Yeah, it is a very detailed sniffer

[N]F