Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to snif packets of another pc in my network??

Posted on 2009-07-15
3
641 Views
Last Modified: 2012-05-07
How to snif packets of another pc in my network??
0
Comment
Question by:rodstevens
3 Comments
 
LVL 16

Accepted Solution

by:
SteveJ earned 500 total points
ID: 24866211
1) If the PC you want to sniff is plugged into a hub (likely, it is not) then simply plug your PC running wireshark into the same hub and capture the data.

2) If the PC you want to sniff is plugged into a switch, AND the switch has port mirroring capability you can mirror all of the traffic onto another port and plug your PC into the port you've sent the mirrored traffic into and capture the data.

3) If the switch doesn't have port mirroring capability AND you have a hub, you can cable the PC you want to sniff into the hub, then cable the hub into the switch . . . then plug your PC into the hub and capture data.

4) If you can't do 1, 2, or 3 you will need to download Cain and Able (or a similar product) that allows you to do ARP cache poisoning. This will essentially allow you to be a surreptitious man-in-the-middle.

That said, no offense, but if you can't pull off 1, 2 or 3 you will probably have trouble with the ARP cache poisoning solution. It's a non-trivial task to set up properly and Cain and Able isn't a very user friendly product if you are not more or less network savvy.

Good luck,
SteveJ
0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 24866954
Hi,

Nicely mentioned in the above comment. Tell the exact model of your switch. It will help you a lot in checking if it supports port-mirroring. Also you can purchase a hub which can always be useful in such diagnostic purposes. Hub is really very inexpensive these days and you can get one for low price.
0
 
LVL 12

Expert Comment

by:jahboite
ID: 24867862
Great answer from SteveJ.  I'd just add that if 1, 2 or 3 aren't an option and you feel like attempting 4 then there's some basics of ARP poisoning here:

http://www.irongeek.com/i.php?page=security/arpspoof

and an excellent video tutorial at the same site:

http://www.irongeek.com/i.php?page=videos/using-cain-to-do-a-man-in-the-middle-attack-by-arp-poisoning
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question