Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Snooping around 1

Status
Not open for further replies.
hdeassis

hdeassis

MIS
Oct 24, 2000
178
US
have a feeling that a individual on my network has been snooping around. Do you guys know of any third party software that will allow me to view users activity on the LAN? Please advise.


Thanks
H
 
Sort by date Sort by votes
Could you be more specific what you want to do? Packet sniffing, system monitoring, log monitoring, etc?

Also, what platform(s) are you running?

-John ---
John Hoke
 
Upvote 0 Downvote
I have a NT enviroment. I would like to know more about packet sniffing.

Thanks
h
 
Upvote 0 Downvote
Hi,

Sniffer Pro from NAI is pretty good at sniffing packets on the wire. You can configure it to trap all traffic to/from an IP address or MAC address or just individual protocols, etc. If your lan has switches and/or vlans in place then you have to make sure the PC you monitor from will pick up the 'target's traffic - i.e. is on the same switch/vlan or is otherwise definitely going to receive the packets you are interested in. I think its quite expensive though !!

Rgds
 
Upvote 0 Downvote
I would suggest taking an older pc and loading linux on it, then you can use tcpdump and/or many other applications that are
a) free
b) just as good (actually many are better) than the commercial packages
c) good to learn :)

Just my 2cents :)


You could make a darn good sniffer out of an old 486 or if you want to be extravegant... a pentium 133... and 32 mb ram ...

-John ---
John Hoke<br>
 
Upvote 0 Downvote
Forget that, if you have an NT environment, you can just enable auditing on the resources themselves, then add his/her name on the audited list. No need to get fancy with packet sniffing for this. This is where NT is very usefull, and very easy to setup.
 
Upvote 0 Downvote
Hi,

It's true that with M$/NT you can audit ntfs files/folders access, logons, logoffs and even printer use ! I stand to be corrected, but what you can't do monitor all network activity of a user - this is where you need s/w that puts the adapter into promiscious mode and listens to <everything> placed on the wire, i.e. a commercial packet sniffer or tcpdump, etc. A good reference on packet sniffing can be found at --> .

It all depends what you want .. another type of solution is 'spyware' that monitors absolutely everything - e.g. --> .
 
Upvote 0 Downvote
Thank's guys for the info. It should be very handy.
 
Upvote 0 Downvote
Hi

This is my first post to this board, so Hi...


anyway, does anyone know a &quot;stealth&quot; program that allows total loging of a users Pc, ie, keypress, logs, software run during period?


Thanks

Dallas Hindle
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Merlin182
  • Locked
  • Question
Help getting around McAfee Safeboot
Replies
0
Views
41
Merlin182
Merlin182
vco08
  • Locked
  • Question
Any Cisco ASA Firewall peeps around?
Replies
13
Views
51
ADB100
ADB100
RRTier3
  • Locked
  • Question
How long will pix be around ?
Replies
1
Views
40
NetworkGhost
NetworkGhost
captainnapalmse
  • Locked
  • Question
Is there a way around an Internet Monitoring program?
Replies
1
Views
18
Ntr0P
Ntr0P
rpk2006
  • Locked
  • Question
Suggest best Encryption program around. 2
Replies
2
Views
33
jnicks
jnicks

Part and Inventory Search

Sponsor

Back
Top