Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: [ask] traffic analysing

[ask] traffic analysing 8 years 2 months ago #27343

  • ipurba
  • ipurba's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
Hi all,

Once my friend told me this, that we can use wireshark to analyze our network traffic, so from there we can analyze what is our bandwidth is used for.

From the capture data, we can get a lot of information, like what websites that has been accessed, user name and even passwords. But the most important thing is we can learn the internet habit of the users. Like in one day what is the most things users do, like maybe online chat (YM, AIM, Irc) or downloading, or just http, or maybe ftp,or maybe streaming.

Is that all true?

Thank you in advance
The administrator has disabled public write access.

Re: [ask] traffic analysing 8 years 2 months ago #27347

  • Elohim
  • Elohim's Avatar
  • Offline
  • Senior Member
  • Posts: 220
  • Karma: 0
Yes... it's all true.
Hi all,

Once my friend told me this, that we can use wireshark to analyze our network traffic, so from there we can analyze what is our bandwidth is used for.

From the capture data, we can get a lot of information, like what websites that has been accessed, user name and even passwords. But the most important thing is we can learn the internet habit of the users. Like in one day what is the most things users do, like maybe online chat (YM, AIM, Irc) or downloading, or just http, or maybe ftp,or maybe streaming.

Is that all true?

Thank you in advance
The administrator has disabled public write access.

Re: [ask] traffic analysing 8 years 1 month ago #27683

  • ipurba
  • ipurba's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
wow, that is very cool.

hmm do you have any link where i can read a complete tutorial for that, from novice to advance, like how to decode the captured data?

thank you
The administrator has disabled public write access.

Re: [ask] traffic analysing 8 years 1 month ago #27686

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Hehe, i really wouldn't advice doing it for the application you are suggesting though. You would need to trawl through the packet capture to do this which would take you a very long time (unless anyone knows any software for analysing the captures like this).

Also, you would need to monitor a lot of traffic and would therefore generate a huge capture file.

I would look at products to do this for you and if you have concerns about bandwidth and possibly throteling whats going on then something like PacketShaper or NetEnforcer which can also optimise the traffic for you
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: [ask] traffic analysing 8 years 1 month ago #27789

  • gagamboy
  • gagamboy's Avatar
You can also used the Solarwinds application to monitor, analyze traffic and websites that your users are currently accessing www.solarwinds.com/. You can try their demo apps to have more ideas on what I am trying to point. :D

Cheers!
The administrator has disabled public write access.

Re: [ask] traffic analysing 8 years 1 month ago #27795

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
From the capture data, we can get a lot of information, like what websites that has been accessed, user name and even passwords.

But the most important thing is we can learn the internet habit of the users. Like in one day what is the most things users do, like maybe online chat (YM, AIM, Irc) or downloading, or just http, or maybe ftp,or maybe streaming.

The following might not be an exact match but can help.

I personally use "Commview" www.tamos.com/products/commview/ for general network sniffing. You can know the websites URLs, protocol statistics and even decode complete http conversations back into html. Check also this one www.networkactiv.com/PIAFCTM.html which can also do http decoding. Passwords can be monitored by "Cain & Abel"

As gagamboy noted, "Netflow analyzer" from Sollarwinds has some pretty cool features if you already have cisco equipment that you want to monitor. PRTG Network Monitor is also a good one www.paessler.com/prtg7
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.
Time to create page: 0.096 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup