Internet traffic monitoring
Submitted
by
Shalmendo
Shalmendo writes "A client has specific needs and it's been awhile since I last worked on an extensive networking project. Therefore, I need some advice from the slashdot community, and the variety of experts within it.
My client needs to monitor traffic on his LAN, particularly going out to the internet. This will include websites like facebook, myspace, and similar, including from mobile devices.
So far, based on the network education I have, I've concluded that it might be best to get a tap (And some kind of recording system with wireshark, probly a mini-barebone), or replace the existing Linksys router with a custom built mini barebone system with linux routing software and appropriate storage capacity etc to record traffic internally. (either way it looks like I will need to put together a mini barebone system for some purpose)
My client is trying to protect his family from scammers and other unsavory types, and isn't savvy in this matter, so i'm doing it for him.
What I need is a way to record the traffic at a singular point, like modem/router areas, or similar, and a way to scrape out facebook, myspace, and other messages. It also appears that the client's family is using iphones and some game called 'words' which has message capability. Is it possible to scrape messages out of that game's packets, or are they obfuscated? Can I write a script?
What software would you recommend? Linux routing OS? Can we sniff packets and drop them on the internal hard drive? or would a tap be better?
How do I analyze and sort the data afterwards? my client needs easily read evidence (Such as text or screenshots) he can use as proof in discussion with his family to try and intercede in any potentially harmful transactions.
In other words, how can I Achieve this goal? I have basic and medium training in computer networking, so I can make my own cables and such, but I've never worked on this exact kind of project before, and thought it might be better to query slashdot instead of do my own research from scratch.
After days of discussion with the client, it's not plausible to put monitoring software in the devices on the network (due to leagal issues and a few other factors), so I concluded a network tap or other device would be the best way to capture and study what's going on.
This needs to be clandestine.
Serious answers please! I'm not looking to start a debate, i just want some recommendations."
My client needs to monitor traffic on his LAN, particularly going out to the internet. This will include websites like facebook, myspace, and similar, including from mobile devices.
So far, based on the network education I have, I've concluded that it might be best to get a tap (And some kind of recording system with wireshark, probly a mini-barebone), or replace the existing Linksys router with a custom built mini barebone system with linux routing software and appropriate storage capacity etc to record traffic internally. (either way it looks like I will need to put together a mini barebone system for some purpose)
My client is trying to protect his family from scammers and other unsavory types, and isn't savvy in this matter, so i'm doing it for him.
What I need is a way to record the traffic at a singular point, like modem/router areas, or similar, and a way to scrape out facebook, myspace, and other messages. It also appears that the client's family is using iphones and some game called 'words' which has message capability. Is it possible to scrape messages out of that game's packets, or are they obfuscated? Can I write a script?
What software would you recommend? Linux routing OS? Can we sniff packets and drop them on the internal hard drive? or would a tap be better?
How do I analyze and sort the data afterwards? my client needs easily read evidence (Such as text or screenshots) he can use as proof in discussion with his family to try and intercede in any potentially harmful transactions.
In other words, how can I Achieve this goal? I have basic and medium training in computer networking, so I can make my own cables and such, but I've never worked on this exact kind of project before, and thought it might be better to query slashdot instead of do my own research from scratch.
After days of discussion with the client, it's not plausible to put monitoring software in the devices on the network (due to leagal issues and a few other factors), so I concluded a network tap or other device would be the best way to capture and study what's going on.
This needs to be clandestine.
Serious answers please! I'm not looking to start a debate, i just want some recommendations."
