simple - packet sniffer

I have seen a billion questions on EE about packet sniffing, but for some reason I can not find one that fits all of my needs.
need 1: free
need 2 : for windows -> rules out Snort, right?
need 3: snifs packets for my entire network, not just my computer - rules out ethereal.

For some reason, even when i put my network card in permiscuous mode in ethereal, i only see packets going to/from my computer, not the other computers behind the common router. Is there not an easy way to sniff packets when behind a router(as opposed to a hub or switch).

This should be a 2 second answer, I just got frusterated looking around for a sniffer that works. My next attempt will be to install cygwin and then install snort onto that, but I hope I do not have to do that.
Thank you.
jramrusAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Chris DentConnect With a Mentor PowerShell DeveloperCommented:

The Linksys kit isn't as high-spec as the Cisco kit unfortunately.

But it's not really traffic passing to the router you want to watch is it? If it is I recommend getting a cheap hub and adding it between the switches and the router itself - running a computer with a sniffer directly off the hub will see everything that touches the router (everything passing through the hub).

If you set up something like that Ethereal would happily capture all the traffic except internal network only.

If it's just internal you want to watch then it's more difficult, aside from an option on the switch to capture all traffic I can't really think of much to help.
0
 
Chris DentPowerShell DeveloperCommented:

If you're using Switches, Promiscuous mode won't achieve much (you'll only see broadcasts and traffic bound for that computer).

What type of switches are you working with? Some have the option of allowing you to see all traffic on one port (I think Cisco).
0
 
jramrusAuthor Commented:
I am currently using  Lynxsis router(a division of Cisco). I have danced around the settings for it, but have not seen anything that helped me with this problem.
Thanks.
J
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
riotzConnect With a Mentor Commented:
well to sniff the packets for the whole network you have to make the network believe that "you" are the router..
which is the so called "man in the middle" attack..
you should check ettercap.. it has some pretty nice mitm attack.. and a great password sniffer aswell...
i havent checked the sniffer of the new version out yet.. but it seems to capture all the packets going thru the network now..
if that doesnt work and you are realy in need to capture every single packet combine it with ethereal..

hope that helps..
boh!
0
 
jramrusAuthor Commented:
I will give it a try. So it should work even though I am behind a router?
Thank you very much.
Jordan
0
 
riotzCommented:
uhm well when your router is no high tech ueber router it normaly should

greets
0
All Courses

From novice to tech pro — start learning today.