I read through the wireless capture and the other hub/switch/tap capturing, but I'm very confused. What I want to do is capture all of the info from my wifi router from how ever many users are using it at that time. The router is sitting next to my laptop, so I have access to it. What do I have to buy? I feel like simple is better and that there should be something I can connect to the router and connect that to my computer that will do the job. Any help is appreciated. asked 02 Dec '10, 13:13  neilk |
5 Answers:
Most simple IMO: Download some bootable Linux-Live-whatever distro (Slitaz-AirCrack-NG f.e.) and throw your Laptop into wireless sniffing mode.
The whole scenario also works on a flashed linksys OpenWRT of course if you want to have a 24/7 sniffer answered 06 Dec '10, 06:02  Landi edited 06 Dec '10, 06:24 |
Having access to the router is a start. However it is a low-end home-user router it is unlikely to have what is needed built-in - 99.9% of home users won't know how to use wireshark. If is more of an enterprise grade router it might have a packet capture function or port-mirroring function - check the manual. Another option, is if your router can be changed to run a more open and flexible software stack like OpenWRT then you can do packet captures onboard with tcpdump. If your router connects to Internet (or the rest of the network) via Ethernet then you can install a hub or cheap port-mirroring capable switch to copy that traffic to another port for Wireshark monitoring. For instance an HP ProCurve 1810G can do this. You might also find an old Ethernet hub (not switch) that will repeat traffic out of all ports to the same end. Finally if you just want to capture the wireless traffic - you can use a laptop with Wireless to do this. Your wireless card and encryption method will help determine your success - and you can get some dedicated capture cards such as those from CACE that might be helpful answered 02 Dec '10, 14:50  martyvis |
to sniff your router i have another way ... like buy a usb-wifi that knows AP mode and simulate a wifi router ( use the same name , channel etc like your normal wifi router ) after, u p.s. the cost of the usb-wifi card is like 20-30 $ the software is free + time ( like 1h max ) i say is affordable :) cya later alligator. answered 21 Jan '11, 06:28  colapsys edited 21 Jan '11, 06:29 |
There is a much easier way. Although the thread is old I offer this in case anyone else is searching. Buy a router that is compatible with Gargoyle (http://www.gargoyle-router.com/). In my case I am using a Netgear WNDR3700v2. It works really well because you can install Gargoyle firmware right from the router's browser interface. Download the appropriate file from Gargoyle. In this case, gargoyle_1.4.2-ar71xx-wndr3700v2-squashfs-factory-NA.img (If you are in North America, otherwise use the other .img file.) Then open your browser and type in 192.168.1.1 to open your router's interface. Write down all your current browser settings (Isp, subnet mask, gateway, dns servers etc). You may have to manually reenter them in your upgraded browser. Then click on update software. You will have the option to choose a file. Choose the file you downloaded from Gargoyle. Click Install. The process will take less than three minutes and you will have a router with a MUCH faster interface that can log everything that goes through your router. You will be able to monitor everyone's activity or just the ones you select. It will record either IP addresses or domain names and will download them to a spreadsheet if you prefer. In addition, you will also be able to LOCK all users to the DNS server you prefer (in my case opendns). Then you can set different schedules for different users. It is the perfect tool for parents trying to monitor and/or control what their kids are doing online. Very nice GUI--not too much technical skill should be required. answered 28 Sep '11, 12:35  glnagrom |
This worked for me. http://thatexplainsalot.com/blog/2010/11/use-wireshark-and-dd-wrt-router-firmware-to-imitate-port-monitoring-on-a-router-switch-port/ answered 08 Oct '14, 10:51  yardjockey |
I read the stuff you are talking about and that is what confused me, because the setup I want should be simple. I don't mind buying a different router or re-flashing an old linksys, but after it is set up, I want it to be as simple as possible.
From what I read using a hub would drop packets and the wificard in another laptop would only pick out one user at a time plus the added bulk. I like simple lightweight things, what would do the job properly?