HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 11 guests and 6 members online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Wireless packet sniffing
Ethical Hacker Community Forums
January 07, 2009, 10:31:00 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Wireless packet sniffing  (Read 2214 times)
0 Members and 1 Guest are viewing this topic.
ramesies
Newbie
*
Offline Offline

Posts: 1


View Profile
« on: December 10, 2007, 08:15:54 AM »
Hi there,

I work in a school boarding house in which the house master and mistress have allowed the boarders access to their own wireless network. They are concerned that the pupils are taking advantage of this and browsing for things that hey shouldnt be (pornm illegal downloads). As a member of the boarding house staff i have the relevant security details to allow me to access this network fully. Unfortunately the router used is a BT homehub and i am unable to find any logs of which computer has been doing what.

I was thinking that maybe packet sniffing would help me out here as i would be able to see who was browsing what websies etc. However im not really sure where to start with this and would be very grateful for some pointers. I feel comfortable using both windows and linux environments and have a copy of backtrack kicking around somewhere.

Many thanks in advance
Logged
dean
Full Member
***
Offline Offline

Posts: 130


View Profile
« Reply #1 on: December 10, 2007, 07:42:05 PM »
well if you have access to the wep/wpa key (assuming a simple network using a PSK and not 802.1x for authentication) you can either associate and sniff the traffic using tools like wireshark or kismet. You mentioned having a copy of BackTrack lying about. Both tools are on it. Then parse the .dump/pcap files for strings that contain urls. Or sniff the traffic using kismet, open the .dump file in wireshark and enter in the WEP/WPA key. http://wiki.wireshark.org/HowToDecrypt802.11 The same can be done using kismet but if you've never used it before then wireshark is probably quickest.

To clear out extraneous data when capturing using wireshark set you capture filter to only capture tcp port 80 & 443 like so: tcp port 80 and tcp port 443

Another option, if you have the capability at your location is to span the switch that your firewall/router is connected to. Then just use wireshark/tcpdump, etc to capture traffic.

HTH,
Dean
Logged
<script>alert('%52%54%46%4D')</script>
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.05 seconds with 23 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
How many security events including conferences and training do you attend a year:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2009 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.