To capture remote network packets...and extend wireless?

Discussion in 'Hardware' started by 61Corvair, Feb 3, 2015.

  1. 61Corvair

    61Corvair Private E-2

    (Long time visitor, first time poster- thanks for your involvement in this site, it has helped me tremendously over the years!)

    I suppose the best thing to start with is a "simple" question, because there appears to be a LOT of reading on this subject, and I'm not afraid to do that work, but if what I want is not possible, I'd rather spend time on something more productive. That question is this:

    Is it possible to capture data from wireless clients that connect to my network, given the following constraints:
    1. There are many different types- iPhone, iPod, Android phone, Android tablet, PS3, laptops, and possibly more.
    2. Assume I cannot install anything on the remote device, including a service (PC) or app (phone).
    3. Assume that the captures should remain clandestine- no indication on the remote device.
    4. Packet acquisition should operate through an application- if not WireShark, then something that is as understandable.

    I would prefer the ability to maintain a route back into my system from the outside- for the sake of viewing my security cameras and accessing my home network. The way I've dealt with this in the past was through a DDNS service.

    IF you all want to map out resources and tell me what to do step by step? PLEASE feel free to do so!!!! I understand, though, that these questions pop up all the time, and it HAS to be exhausting to keep seeing them, let alone to address them. If you do, imagine a world of good coming your way, and that if I could, I'd push the button that would deliver it to you!!!

    I know my way around, but let's say just enough to get me into trouble. My major hang-ups with wireless networking ALWAYS end up to be an issue of a feature being called by a different name- seemingly everywhere I read or see it. Then there are the implementations of the router features that differ from one piece of hardware or software- to another. For example, I never would have imagined a week ago that plugging two wireless routers end-to-end using a LAN port (not the net port) would be a workable solution to some needs. I get crazy because I know things are possible, but I just can't seem to get there. So I'd rather start off knowing that there is a horizon to get to eventually. I apologize for the novel, too.

    Without unnecessary detail, to ward off some inevitable questions- I am tracking for a number of reasons. These include parental control over browsing and sending data (video and still images), intrusions from unwelcome users (goal is to protect and verify my protection scheme, especially after extending the wireless coverage), and error-logging to figure out what causes nagging issues with some of these devices.

    At minimum, I want to be able to see html requests- site visits. At best, I want to be able to capture, reassemble (if necessary), and export packets to view the images and video being sent over MY network.

    Above is my first priority. However, as I'm putting this together, I would REALLY like to do so to support creation of additional wireless coverage in my home. The semi-detached home we live in is broken up pretty good- between initial access point to the furthest point I desire wireless coverage in. "Extending coverage" to me means that I do not necessarily need higher power- I need to get past natural barriers. I am hoping to do so wirelessly, but CAT5 can be run if it means that I can put everything I want in this post together and make it work.

    Internet access is currently served through an Arris CM820A Cable Router.
    To this is connected a Cisco EA4500 Wireless Router, Firmware 2.0.37.
    Out of this, via CAT5 is my main PC line, and, an Ethernet Switch
    The Ethernet Switch (Linksys SE1500) was added in a "far zone" to serve wired internet to a Security DVR and a Home Automation interface.
    The Security DVR is a QSee model, and Home Automation Interface is from Insteon- allowing remote access to my automation interfaces in the home. There is also a CAT5 connected to the switch for the very occasional connection to my laptop and a PS3 gaming station.

    My main PC is a Gateway Core i7 (930 at standard clock) with 9GB ram.
    O/S on this is Windows 7 Ultimate 64. I also have Ubuntu installed on a drive for fun's sake, but have not used that in some time now.

    The laptop is an older Vista unit, and I'll save some time by going over the rest of the devices that'll connect shortly.

    But first- the extra routers that I have and am hoping I can use:
    Linksys WRT54G, last running DD-WRT V24 SP2, mini.
    Linksys WRT54G, last running the OEM firmware.
    (Both routers are of the hardware revision necessary for tweaking with the least complication... I don't know how best to explain this without having them in hand.)
    Belkin Wireless G Router F5D7230-4 V 4.03.03

    Connecting Devices (Those higher up are the most important targets for observation. Some are mentioned only in case a potential conflict is noticed by one of you... something that could cause problems.)

    Android 5S
    iPhone 5
    iPod (3? 4? I can find out)
    HP Laptop, running Vista or 7 (I can find out)
    Android 5S Active
    Samsung Galaxy 4 Tablet (as far as I can tell via a mobile skulking app...)

    Other wireless devices that will connect:
    Wii
    Insteon internet access (to RF and powerline device controls)
    QSee QSDR04RTC Security DVR
     
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi and welcome to the forum.

    Fantastic question and lots of detailed info, I'll jump in with some sort of answers I hope but networking is not my main forte and at times can be a pita to get everything you wanted working as is, which is what scares some off at times in replying.

    Just want to really get the premise of your question narrowed down to do you wish to just secure your home network or snoop on users connected to your home network?


    Do you really wish to capture data off these devices that connect to your wifi? given that they are actually connected but with no permission given to connect, which if they are connecting without permission opens up a serious security flaw in your home network as and I think you will have done given the detail of your post set a WPA2 password on your network.

    If you have WPA2 then these devices that you have not granted access too will likely be seen by your router or windows network manager as many mobile devices have the ability to be used as a router but without a password they cannot connect.

    Now to my thoughts and points.

    1. Above all change the routers name from default to anything, set the security to WPA2 at least with a strong password, can also make the network SSID hidden from outside view. This way only devices you want to access can.

    2. Can in addition to #1 only allow access per MAC address for the devices you wish to allow access, once you work out what devices are and their MAC address you can use this info HERE to filter. To work out devices you want to allow access the easiest way is to be in your router menu network list and I delete all devices from my list of current network connected devices and turn off wifi on all the devices I wish to allow connection too then enable one at a time and refresh the routers network list, (you'll need to read your manual or the FAQ for more info HERE) then know what that device is and its IP and MAC address to then give it a real name, image below is my current network list, with most of MAC addresses removed.

    http://s29.postimg.org/qy2pxgqg7/Capture.jpg

    3. If you wish to monitor data packets on your network the Wireshark (nice info HERE and HERE) is good and also these should do the same or more Kismet, Cain and Abel and ones I have used in the past are EtherSnoop and Paessler Router Traffic Grapher but also a nice list HERE @ Majorgeeks Network section to go through

    4. To your Q2 then no. To Q3 no as data captured is on your network, but TBH you should not need to get this far as only devices you allow access will be using your network.

    With the above you should be able to track your internal network as in for parental control, but thinking of parental control (dont know all your circumstances so the following after this point in this paragraph is randomisation from me), do your kids have admin access to their PC/Laptops, they should not really if you want to see what they are doing as you can setup Parental Controls and also in most routers if needed you can use the MAC address to limit internet access, good for curbing night-time internet access or at times they should be doing homework.

    Yes you should be able to monitor HTTP requests in Wireshark and possible when you export a capture session be able to look for an object type that's a media file see bottom of post for a for a nice video that may help

    Go to File -> Export Objects -> HTTP
    look for Content Type video/x-avi (or another media file type) then Save AS


    If you are wanting this to me secretive from household members then just say that you are security the network from outside intrusion and then gives you the opportunity to have all devices MAC addresses setup and listed with real names like mine (note mine are only the current devices live as of now, when my sister, neices and friends want to connect they go through me adding a real name to their device, so many more can show)

    Hope this has started off your discussion on this topic and I hope many more join in, as I mentioned networks are not my core topic in computing, like you I can be dangerous! ;)

    David


    https://www.youtube.com/watch?v=5miqHkco7rU
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds