1
1
I'm doing some research right now where I want to monitor a group of individuals uses of the web (with permission, of course).
I'm looking for the cheapest, and easiest way to collect network traffic, and if possible, send it secured to a remote location, while at the same time reducing the possibility of interrupting the users normal practices.
I've looked into a number of things so far, network taps would probably be useful as it would allow me get a copy of the traffic while leaving the original untouched. I've seen that these can be made fairly cheaply and easily with stuff I could get from Home Depot or the like.
The harder question is what I can use for the actual collection. I'm interested mainly in http traffic. I likely won't be on site where the users are very frequently, so it would be nice to have something I can put in place, and have it just work (if that's possible). I would like to avoid needing more heavy weight solutions like computers if possible, as I'd likely have to build one specifically for this.
Jamie Starke
Posted 2011-10-28T03:24:47.747
Reputation: 129
Yes, they'll all be going across a single Internet connection. Can you recommend any resources on port mirroring? Can you recommend any commodity hardware for achieving this? – Jamie Starke – 2011-10-28T05:20:41.910
Port mirroring largely depends on the device(s) you have. IF you could provide some details on that I might be able to help. By commodity hardware I mean just about anything with a functioning CPU/mobo/RAM/haddrive -- grab that 2-year-old workstation out of the storage unit and dust it off. – Garrett – 2011-10-28T05:27:36.800