Skip to main content

[ask] traffic analysing

More
16 years 3 months ago #27343 by ipurba
Hi all,

Once my friend told me this, that we can use wireshark to analyze our network traffic, so from there we can analyze what is our bandwidth is used for.

From the capture data, we can get a lot of information, like what websites that has been accessed, user name and even passwords. But the most important thing is we can learn the internet habit of the users. Like in one day what is the most things users do, like maybe online chat (YM, AIM, Irc) or downloading, or just http, or maybe ftp,or maybe streaming.

Is that all true?

Thank you in advance
More
16 years 3 months ago #27347 by Elohim
Replied by Elohim on topic Re: [ask] traffic analysing
Yes... it's all true.

Hi all,

Once my friend told me this, that we can use wireshark to analyze our network traffic, so from there we can analyze what is our bandwidth is used for.

From the capture data, we can get a lot of information, like what websites that has been accessed, user name and even passwords. But the most important thing is we can learn the internet habit of the users. Like in one day what is the most things users do, like maybe online chat (YM, AIM, Irc) or downloading, or just http, or maybe ftp,or maybe streaming.

Is that all true?

Thank you in advance

More
16 years 2 months ago #27683 by ipurba
Replied by ipurba on topic Re: [ask] traffic analysing
wow, that is very cool.

hmm do you have any link where i can read a complete tutorial for that, from novice to advance, like how to decode the captured data?

thank you
More
16 years 2 months ago #27686 by Smurf
Replied by Smurf on topic Re: [ask] traffic analysing
Hehe, i really wouldn't advice doing it for the application you are suggesting though. You would need to trawl through the packet capture to do this which would take you a very long time (unless anyone knows any software for analysing the captures like this).

Also, you would need to monitor a lot of traffic and would therefore generate a huge capture file.

I would look at products to do this for you and if you have concerns about bandwidth and possibly throteling whats going on then something like PacketShaper or NetEnforcer which can also optimise the traffic for you

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
  • gagamboy
  • Visitor
  • Visitor
16 years 2 months ago #27789 by gagamboy
Replied by gagamboy on topic Re: [ask] traffic analysing
You can also used the Solarwinds application to monitor, analyze traffic and websites that your users are currently accessing www.solarwinds.com/ . You can try their demo apps to have more ideas on what I am trying to point. :D

Cheers!
More
16 years 2 months ago #27795 by S0lo
Replied by S0lo on topic Re: [ask] traffic analysing

From the capture data, we can get a lot of information, like what websites that has been accessed, user name and even passwords.

But the most important thing is we can learn the internet habit of the users. Like in one day what is the most things users do, like maybe online chat (YM, AIM, Irc) or downloading, or just http, or maybe ftp,or maybe streaming.


The following might not be an exact match but can help.

I personally use "Commview" www.tamos.com/products/commview/ for general network sniffing. You can know the websites URLs, protocol statistics and even decode complete http conversations back into html. Check also this one www.networkactiv.com/PIAFCTM.html which can also do http decoding. Passwords can be monitored by "Cain & Abel"

As gagamboy noted, "Netflow analyzer" from Sollarwinds has some pretty cool features if you already have cisco equipment that you want to monitor. PRTG Network Monitor is also a good one www.paessler.com/prtg7

Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
Time to create page: 0.138 seconds