0
This is a bit weird. I want to see the content of all TCP/IP connections coming in/out of the system.
Is any of this possible on the same machine? I know I won't be able to see encrypted content but that's fine.
Are there any hardware devices you put in between of the computer and router which logs all connections?
code ninja
Posted 2012-12-20T17:22:42.880
Reputation: 137
4
Pretty simple if you're on the same machine. Look at Wireshark. If you're on a different machine, simply put a HUB between the target and the network, and connect to the hub on the computer with wireshark.
Viertaxa
Posted 2012-12-20T17:22:42.880
Reputation: 369
"simply put a HUB..." - Might be easier said than done. There are no Gigabit hubs. You won't find any new Ethernet hubs for sale at retail outlets; if you ask for a "hub" you'll get a USB hub. You will have to look for a used hub. And some "hubs" are actually switches (as documented at the Wireshark site). – sawdust – 2012-12-20T21:05:14.107
1
If you need a dedicated machine, I would recommend untangle, as it is way easier to set up than a linux/unix distribution chosen at random.
Gunnish
Posted 2012-12-20T17:22:42.880
Reputation: 219
Yeah, this is what I was going to say, a Linux or BSD box with two NICs to pass the traffic, logging what you need to. This running NAT with a plain 10mb ethernet hub it how we shared the connection back in the day. Haven't tried untangle. It would take some knowledge or learning to get it working, depending on your background. – Bratch – 2012-12-21T01:25:53.050
3on a side note - it is perfectly possible to see the encrypted connection content as well - you just need to supply the certificate. I will not elaborate on the details but i thought it was worth mentioning... – mnmnc – 2012-12-20T17:28:00.007