Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to snif packets of another pc in my network??

Posted on 2009-07-15
3
Medium Priority
?
646 Views
Last Modified: 2012-05-07
How to snif packets of another pc in my network??
0
Comment
Question by:rodstevens
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 16

Accepted Solution

by:
SteveJ earned 2000 total points
ID: 24866211
1) If the PC you want to sniff is plugged into a hub (likely, it is not) then simply plug your PC running wireshark into the same hub and capture the data.

2) If the PC you want to sniff is plugged into a switch, AND the switch has port mirroring capability you can mirror all of the traffic onto another port and plug your PC into the port you've sent the mirrored traffic into and capture the data.

3) If the switch doesn't have port mirroring capability AND you have a hub, you can cable the PC you want to sniff into the hub, then cable the hub into the switch . . . then plug your PC into the hub and capture data.

4) If you can't do 1, 2, or 3 you will need to download Cain and Able (or a similar product) that allows you to do ARP cache poisoning. This will essentially allow you to be a surreptitious man-in-the-middle.

That said, no offense, but if you can't pull off 1, 2 or 3 you will probably have trouble with the ARP cache poisoning solution. It's a non-trivial task to set up properly and Cain and Able isn't a very user friendly product if you are not more or less network savvy.

Good luck,
SteveJ
0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 24866954
Hi,

Nicely mentioned in the above comment. Tell the exact model of your switch. It will help you a lot in checking if it supports port-mirroring. Also you can purchase a hub which can always be useful in such diagnostic purposes. Hub is really very inexpensive these days and you can get one for low price.
0
 
LVL 12

Expert Comment

by:jahboite
ID: 24867862
Great answer from SteveJ.  I'd just add that if 1, 2 or 3 aren't an option and you feel like attempting 4 then there's some basics of ARP poisoning here:

http://www.irongeek.com/i.php?page=security/arpspoof

and an excellent video tutorial at the same site:

http://www.irongeek.com/i.php?page=videos/using-cain-to-do-a-man-in-the-middle-attack-by-arp-poisoning
0

Featured Post

Simplify Your Workload with One Tool

How do you combat today’s intelligent hacker while managing multiple domains and platforms? By simplifying your workload with one tool. With Lunarpages hosting through Plesk Onyx, you can:

Automate SSL generation and installation with two clicks
Experience total server control

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question