Monitor network traffic


Kanyli
05-04-2008, 07:13 PM
I've seen a few of you mention monitoring your networks, so I figure I'll try asking this here. Is there an easy (read: software for non-networking gurus) way to monitor traffic over my network? Every Google search turns up tools for breaking into a network, which is not what I want to do. I'm just curious about my own, and an unofficial setup at work.

For example, I assume my network is secure, but I don't have a way that I know of to tell if anyone else is tapping in.

Malse
05-05-2008, 02:29 AM
Ethereal?

Just filter out stuff you know is fine, like outgoing HTTP.

Palarran
05-05-2008, 06:48 AM
Wireshark (http://www.wireshark.org/) is apparently the successor to Ethereal (http://www.ethereal.com/lists/ethereal-users/200609/msg00117.html), though either should work.

fildien
05-05-2008, 10:04 AM
I like and use Wireshark quite a bit. Never heard of Ethereal but probably just as easy.

giena
05-05-2008, 10:43 AM
Vice versa for me, never heard of Wireshark but I used the heck out of Ethereal. Either one should work for ya though.

Sanchek
05-05-2008, 10:47 AM
Wireshark and Ethereal are the same project. They just had to change the name. Wireshark is the more current incarnation.

giena
05-05-2008, 10:48 AM
Ah, good to know. Thanks!

Filatal
05-06-2008, 09:21 AM
I have used Ethereal in the past, haven't had a cause since Wireshark was released, but, as long as it builds on what Ethereal was doing, it is probably the easiest to use packet sniffer out there. It will still require at least a basic understanding of networking.

Kanyli
05-07-2008, 11:53 PM
Thanks all. It'll give me something to play with this weekend while in-laws visit.

Um, because I'm bored - not trying to monitor them. My in-laws are still excited that computers now come with colors, so I'm not worried about them leeching wireless.

Sanchek
05-07-2008, 11:56 PM
If you're using a switched network and run Wireshark on your computer, you won't see any of their traffic. If you want to monitor traffic on other machines, it gets a little more complicated.

Kanyli
05-09-2008, 08:24 PM
It's a new field for me, but something I'm interested in learning. It's just hard to separate information online from hacker tips, which go beyond my understanding of the internets.

fildien
08-07-2008, 10:06 PM
So how do you monitor traffic on other devices not necessarily PC type devices? I do not think Wireshark does this. I want to monitor my wireless traffic specifically.

Sanchek
08-08-2008, 12:39 AM
The dd-wrt router firmware gives you some nice options in that area.

Rybit
08-08-2008, 03:39 AM
I'm playing with our Cisco ASA 5520, so don't be shocked when Ayonae Ro forums go down ;)

Maniacles
08-08-2008, 08:08 AM
Given your constraints, all the traffic goes through your wireless router, so you are stuck with whatever tools come on the router itself.

For any tool to work, it has to see the traffic. If the traffic is somewhere else, then you need an agent along the traffic path to send info back to wherever your tool is installed.

Sanchek
08-08-2008, 10:20 AM
> Given your constraints, all the traffic goes through your wireless router, so you are stuck with whatever tools come on the router itself.
>
> For any tool to work, it has to see the traffic. If the traffic is somewhere else, then you need an agent along the traffic path to send info back to wherever your tool is installed.

That's the cool thing about dd-wrt. It'll replace the firmware of most consumer grade routers with more powerful software.

fildien
08-08-2008, 11:49 AM
Hi Sanchek,

I assume you mean this? http://www.dd-wrt.com/dd-wrtv3/index.php If yes, I will poke around and see what I can find.

But let me describe why I want to do this.

I have a Linksys wireless N, I think it is 160N something or other. I have 8 devices that use the wireless capabilities and 4 devices using the ports on the back.

Device breakdown is:

wireless
2 iPhones
1 xbox 360
1 PS3
2 desktop PC
1 laptop
1 TiVo

wired
3 desktops
1 xbox 360

The wireless devices are a mixture of G and N, no B or A. There are times when one of the wireless PCs downstairs in Leah's office will just lag to hell, drop connection, and then come back. We've gone through multiple wireless adapters with the same result.

At other times one of my 360s will lag like crazy on xbox live and download like a snail from the marketplace. The one that is wired to the router is speedy. I have even swapped them around and found that it is not the 360 it is the wireless, nor do I think it is something with port forwarding though I have considered reserving an IP and forwarding ports or putting it in a DMZ. The PS3 behaves the same way as the wireless 360.

I do not have issues with my iphones or my TiVo or my laptop. I have tried 2 different wireless N routers and have had the same problem. I used to have the WRT54G but it died on me about 9 months ago so I decided to go with N. It worked great for a bit but then I started having these issues.

I am curious if I should tweak channels or something? I hear some folks say that phones and microwaves can cause issues but I have never had a problem until recently. I thought perhaps if I could sniff my wireless traffic I could see if I'm getting a lot of RETRANS or dropped packets.

I am very weak on the wireless things. Hell, I even thought about buying a spectrum analyzer. So please offer any suggestions b/c I hate lagging and dying to assholes on Live :( And Leah is bitching about her connection like she has to do work or something. I made her run a cable today ROFL b/c I can't stand the constant calls of "now how do I connect to the router again?"



Oh and after I first moved into this house some 3 years ago, I made Comcast come out and do signal tests on my line coming to my house b/c my bandwidth would be 11Mbps one second and 128kps the next. They replaced a bunch of crap, gave me a new modem and had me increase my package to the 8Mbps service. This was ok until I got the Wireless N, well ok until about 2 months after getting it.

Rybit
08-08-2008, 01:24 PM
I've always had bad experience with the Linksys routers, as well as the D-Link routers. Does DD-WRT provide a more stable solution, or are the problems with Linksys routers dropping connections related to the router chipset?

I've been considering buying a low-end Watchguard for NAT routing/firewalling and just using a D-Link or Linksys as a G/N router...

Sanchek
08-08-2008, 02:42 PM
I haven't had any of that trouble with DD-WRT, but I haven't had any trouble with my Linksys stuff before either. DD-WRT lets you see what's going on with much greater detail though, which is nice.

It's also nice to see the load% on the router's processor. It's easy to think about these commodity boxes as appliances, but it's easy to overload them with too many connections and see them act flaky due to that.

Mogur
08-15-2008, 03:58 AM
dd-wrt is awesome. I've used it on a Buffalo router I've had for a year. It has never had to be rebooted aside from new versions of dd-wrt I've loaded. Gives some very nice high dollar functions to cheapo routers.

At work, I just set up a port on whatever switch I want to monitor traffic in and out of the switch, and use Etherpeek to capture the traffic. I think Etherpeek is something else now, and rather expensive when I looked at buying an updated version.
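Sanchek's point that Wireshark on a switched network shows none of the other machines' traffic, and the monitor port Mogur describes, can both be seen in a small model of a learning switch. This is an added example, not code from any poster; the MAC addresses, port numbers and frames are constructed, and `mirror_to` is a hypothetical name for the port that receives a copy of every frame.

```python
# Added example: toy learning switch. All MACs, ports and frames are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"
LAPTOP, XBOX, ROUTER = "aa:00:00:00:00:01", "aa:00:00:00:00:02", "aa:00:00:00:00:03"

class LearningSwitch:
    def __init__(self, ports, mirror_to=None):
        self.ports = list(ports)
        self.mirror_to = mirror_to  # hypothetical: port that gets a copy of every frame
        self.mac_table = {}         # learned source MAC -> port

    def forward(self, in_port, src, dst):
        """Return the set of ports this frame is delivered to."""
        self.mac_table[src] = in_port          # learn where the sender lives
        if dst != BROADCAST and dst in self.mac_table:
            out = {self.mac_table[dst]}        # known unicast: one port only
        else:
            out = set(self.ports)              # broadcast/unknown destination: flood
        out.discard(in_port)
        if self.mirror_to is not None and self.mirror_to != in_port:
            out.add(self.mirror_to)
        return out

# (ingress port, source MAC, destination MAC); laptop=1, xbox=2, router=3
FRAMES = [
    (2, XBOX, BROADCAST),   # 0: xbox asks who the router is
    (3, ROUTER, XBOX),      # 1: router answers the xbox directly
    (2, XBOX, ROUTER),      # 2: xbox traffic out
    (3, ROUTER, XBOX),      # 3: xbox traffic back
    (1, LAPTOP, ROUTER),    # 4: the sniffing laptop's own request
    (3, ROUTER, LAPTOP),    # 5: reply to the laptop
]

def visible_at(switch, frames, sniffer_port):
    """Indices of frames a capture running on sniffer_port would record."""
    seen = []
    for i, (in_port, src, dst) in enumerate(frames):
        delivered = switch.forward(in_port, src, dst)
        if in_port == sniffer_port or sniffer_port in delivered:
            seen.append(i)
    return seen

if __name__ == "__main__":
    print("plain port :", visible_at(LearningSwitch([1, 2, 3]), FRAMES, 1))
    print("mirror port:", visible_at(LearningSwitch([1, 2, 3], mirror_to=1), FRAMES, 1))
```

On the plain port the capture holds only the broadcast and the laptop's own conversation; with the mirror it holds every frame, including the xbox's unicast exchange with the router.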

fildien
08-15-2008, 01:40 PM
So I thought I would share what I learned my problem was.

It was N, it was killing my 360.

I tweaked every damn setting imaginable (RTS threshold, fragmentation, beacon, you name it). I was even about ready to use a spectrum analyzer. Then one of our network guys said hey disable N and just use G or BG mixed. And sure enough, I can now stream video to my 360, play on live with no lag, or download from the marketplace. I did not change port forwarding or anything else just disabled N. Apparently N doesn't play nice all the time and bleeds into other channels. Since I only had 1 N device on my network I just disabled it.

They have been testing some N routers here for possible use at some of our facilities but have discovered whenever they boot up the router it wipes out our Nortel wireless VoIP phones and other devices on our wireless networks so they aren't even touching it until N is standardized and broadcasting on a different frequency.

So if anyone else experiences a signal that is great one second and bottoms out the next, and then peaks, etc, chances are you have some sort of interference...

Some things I learned. Apps like netstumbler only tell you about traffic and signals on your network, whereas a spectrum analyzer will show you things outside your network like cordless phones, microwaves, etc. I was about ready to just say eff it and run cable but I'm glad I didn't now :)

Mogur
08-15-2008, 05:54 PM
N uses multiple channels to move traffic, basically overtaking any nearby 2.4 GHz network. If you can get an N router that transmits in the 5GHz range instead of 2.4GHz, your b/g networks should be fine (although then you would probably kill nearby 802.11a radios).
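The channel arithmetic behind this, as an added example that is not part of Mogur's post: when an N router bonds two 20 MHz channels into a 40 MHz one in the 2.4 GHz band, the code below lists which ordinary channels it lands on. Assumptions: channels 1-11, neighbouring networks modelled as 20 MHz wide, channel centre at 2407 + 5 x channel MHz, secondary channel four channels above or below the primary.

```python
# Added example: 2.4 GHz channel overlap for a 40 MHz (bonded) 802.11n transmitter.
# Assumptions: channels 1-11, neighbours are 20 MHz wide, centre = 2407 + 5*ch MHz.
CHANNELS = range(1, 12)
NON_OVERLAPPING = (1, 6, 11)   # the usual 20 MHz plan for b/g networks

def centre_mhz(channel):
    return 2407 + 5 * channel

def span_20(channel):
    """(low, high) edge in MHz of an ordinary 20 MHz channel."""
    c = centre_mhz(channel)
    return (c - 10, c + 10)

def span_40(primary, above):
    """(low, high) edge in MHz of a bonded pair: primary plus the channel
    four above (above=True) or four below (above=False)."""
    c = centre_mhz(primary) + (10 if above else -10)   # midpoint of the pair
    return (c - 20, c + 20)

def overlaps(a, b):
    return a[0] < b[1] and b[0] < a[1]

def affected_channels(primary, above):
    """20 MHz channels that share spectrum with the bonded transmission."""
    wide = span_40(primary, above)
    return [ch for ch in CHANNELS if overlaps(wide, span_20(ch))]

def still_clear(primary, above):
    """Which of channels 1, 6 and 11 the bonded transmission leaves alone."""
    hit = affected_channels(primary, above)
    return [ch for ch in NON_OVERLAPPING if ch not in hit]

if __name__ == "__main__":
    for primary, above in [(1, True), (6, False), (6, True), (11, False)]:
        side = "+" if above else "-"
        print(f"primary {primary:2d}{side}: overlaps {affected_channels(primary, above)}, "
              f"clear: {still_clear(primary, above)}")
```

Every placement covers two of the three usual non-overlapping channels, which is why a single 40 MHz router can degrade most b/g networks within range.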

fildien
08-16-2008, 10:46 PM
> N uses multiple channels to move traffic, basically overtaking any nearby 2.4 GHz network. If you can get an N router that transmits in the 5GHz range instead of 2.4GHz, your b/g networks should be fine (although then you would probably kill nearby 802.11a radios).

Aye, when I bought my N router some months ago this dual band type of router wasn't available yet. I wish I would have waited and gotten one of those.