# lan monitoring sniffing/antisniffing program



## akaray7181 (May 31, 2008)

I would like to know what tools most network administrators use to monitor the lan via sniffing and what tools do network administrators prefer for antisniffing?


----------



## iflymyhelishigh (Jul 29, 2008)

Im a system/network administrator and I use nothing. I simply keep the computers locked up so that the employees have limited access.


----------



## af3 (Jun 18, 2008)

It depends on what information you are looking for. SmartSniff (standalone exe w/ GUI) is okay for diagnostics but you would pretty much be stairing at raw packets.

There are specific sniffer solutions for specific needs, so you must disclose what you wish to monitor.

To prevent sniffing, you would have to use a VPN solution within your network to prevent non-authenticated clients from capturing data by tapping into any of your cables, routers, switches, WIFI access points or hubs.

Please, if anything is wrong with the information in this post, let me know.


----------



## johnwill (Sep 26, 2002)

I use WireShark here.


----------



## akaray7181 (May 31, 2008)

i'm just starting to read my network+ book and was wondering what and how i would go about doing lan monitoring (malicious and non-malicious) and what anti-sniffing programs there are. I want to know anything you guys are willing to share knowledge wise. 

Since, A lot of software online has spyware, I was also wondering what lan monitoring tools and sniffing are actually safe to use? do some of them turn on you and start stealing your ip packets with credit cards?

I have wireshark, and i started using it a little, but i'm not sure i understand what i'm doing with it yet. Like i go into wireshark and then i click list available capture interfaces icon, and then i get broadcom and microsoft listed (both same ip address) and one ms tunnel interface driver and it lists the ip and packets? 

how do people use something like this to monitor the lan and what exactly are they looking for? For example, how would they determine, where a faulty cable was by using
this tool? or are there any other uses that you can tell me how to use this for? I need some expert insight.


----------



## af3 (Jun 18, 2008)

Most are safe; I don't bother evaluating shareware/trialware anymore unless I can't find an alternative to it in freeware. Wireshark, to me is way too much.

You couldn't find a faulty cable with sniffers. A sniffer would help you when testing software, and sometimes hardware to see what traffic is being generated (software) and what traffic is getting through (hardware)

To find a faulty cable, you can test each cable with a multimeter.

I had an idea for a program that would sniff, but instead of displaying raw packets, it would display:
[IP ADDRESS] | [URL VISITED]
In a log, and when you double click the log entry it would open up the URL, and have a mode built in to monitor a specific IP addresses activity so you would be observing the pages being visited remotely without terminal services, VNC or other such protocols.

This would only work on wireless networks*, and hubs.
*a guess - my WiFi card picks up packets from all wireless hosts on my network for some reason

Let’s hope an expert stops by.


----------



## john_1 (Jul 6, 2008)

we use sniffer-pro but its not free i think . 

with large organization like ours its pretty difficult to track the LANs activities we mainly use it to monitor unwanted protocols and our coreBuilders uplinks utilization. 

one nice feature that sniffer-pro provides is to remotely connect to cisco catalyst switches and get RMON parameters.


----------

