How to analyze the traffic of the entire local network?

T

tupoi2016-02-22 12:30:39

System administration

tupoi, 2016-02-22 12:30:39

Good day, there is a task to scan all traffic in the entire local network, there are about 15 machines in the local network, I thought to use Wireshark, but here's the problem, when I run it, I see only those packets that come or are sent by my machine, she does not see other packets, switched the network card to monitor mode and threw down a huge flurry of packets with the 801.11 protocol, in the column from whom and to whom something incomprehensible is happening ... how can you catch all the traffic in the local network?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

S

Saboteur, 2016-02-22
@saboteur_kiev

Well, this flurry of packets in monitor mode is all the traffic, analyze it.
But given the topology and depending on the router, this may not be all.
You specify what kind of analysis you are going to do. A lot of different traffic can go on the network.

D

Dmitry Lebedev, 2016-02-22
@k3NGuru

1) What is used as a gateway? Because the traffic of the entire network needs to be monitored through the gateway
2) What kind of traffic do you want to monitor and for what? Isn't it easier to install some Squid and parse logs from it?

R

Rad1us, 2016-02-22
@rad1us

What do you mean by "all traffic on the entire local network"?
If this concept includes traffic analysis between local host A and host B, then, since this happens without the participation of a gateway, you need to monitor either on A or B, or on a managed switch, if one connects them.

V

vreitech, 2016-02-22
@fzfx

Use a managed switch, configure the port mirror function on one of the ports, connect the machine with Wireshark to this port.