Results 1 to 11 of 11
  1. #1
    Join Date
    Jan 2003
    Location
    Quincy, MA
    Posts
    171

    Emergency Ethereal/TCPDump Help Needed

    This is not hosting related, but does have to do with sysadmin stuff. At home I've got a small network of computers and a couple linux machines. I've never used Ethereal or TCPDump, but need to. I fear that my daughter is doing stuff on the internet, but I haven't been able to catch her.

    I would like to setup Ethereal (probably tethereal) to run on my linux box to capture whatever she is doing on his computer. IM, Mail, Web, everything. My network is connected to a hub (not a switch), so I know that traffic will be broadcast to the linux machine.

    And yes I have the legal right to do this in my house, and if what I fear is true I need to do this so please no arguments about privacy. Any help would be greatly appreciated.

  2. #2
    Join Date
    Nov 2004
    Location
    UK
    Posts
    191
    That probably won't work very well. Ethereal and similar programs give you a pure socket dump so whilst you will quite possiable sniff the web urls and such any IM conversations are most likely encrypted or just too hard to read. Similarly with e-mails, and if she uses web based e-mail chances are it's going to SSL anyway so you won't get anything useful. My advice is that you need to install a key logger or parental monitor on the actual computer, also see if your router / gateway has a url checker utility as some of them do....

    Jona

  3. #3
    Join Date
    Jan 2003
    Location
    Quincy, MA
    Posts
    171
    Yeah, it has a url checker, that's what tipped me off. I need to know the details of the conversations. I'm pretty sure that who she's talking to is a pretty bad kid that we've asked her to stay away from. I hope you understand how desperate I am.

  4. #4
    Join Date
    Jan 2003
    Location
    Quincy, MA
    Posts
    171
    correct me if I'm wrong, but a keylogger is only going to give me what she types, not if she gets a response

  5. #5
    Join Date
    Nov 2004
    Location
    UK
    Posts
    191
    that is correct, I think your best bet would still be some sort of monitoring system, maybe something as simple as VNC ??

    Regardless this is highly unethical perhaphs it might be better to discuss it with your daughter rather than trying to spy on her.........?

  6. #6
    Join Date
    Jan 2003
    Location
    Quincy, MA
    Posts
    171
    Like I stated, my house, my rules, she's underage, there's nothing unethical about protecting a minor from harm. I'm just looking for help.

  7. #7
    Join Date
    Jun 2005
    Location
    127.0.0.1
    Posts
    285
    Well,
    Ive heard of net nanny that can even send you emails if she types certan words into chat conversations. And you could even lock her out of her IM at certan times.

  8. #8
    Join Date
    Jan 2004
    Location
    North Yorkshire, UK
    Posts
    4,163
    Kerio Network Monitor - Now discontinued but can snoop network packets and breaks down HTTP traffic very nicely. It's Windows based, however very easy to see what's going on.

    Net Nanny is a load of rubbish, anyone with a fair bit of computer knowledge can get rid of it.

    To be honest, the best solution would be VNC. Then run the viewer on your machine with keyboard/mouse interaction disabled. That way you can actually see what's happening on the screen.
    Last edited by dkitchen; 06-11-2005 at 08:20 AM.

  9. #9
    Join Date
    Jun 2005
    Location
    127.0.0.1
    Posts
    285
    Well,
    Net nanny is easy for the non-tech person. If you really wanted. Install a trojan and use screen capture. You could get a live video screen of her computer. Make error popups telling her to stop. And take control if she doesn't.

  10. #10
    Join Date
    Jun 2004
    Location
    Bay Area
    Posts
    1,320
    What do you think about a good conversation with your daughter?

    You could try IpTraf on the machine that runs your routing (nat?) software. It will show all current connections, and which protocols are used. You will be able to see if there is an ICQ / MSN / P2P connection and so on.

  11. #11
    Join Date
    Dec 2004
    Location
    Canada
    Posts
    1,082
    ethereal can snoop IM services, but it's not the easiest thing to use. You'll need to filter out a bunch of irrelevant stuff, and know how to read the output. Following anything is difficult.

    If you really *really* need to do this (and you don't), something like VNC is your best bet. Or one of those webcam programs that takes a screengrab ever 10 seconds and saves it somewhere (but that's painfully obvious)...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •