jazz at funkynerd.com
Wed Feb 27 16:56:48 MST 2013
I agree with the OpenWRT idea. It would take little effort to get a
router upand running. You could even do some magic to bridge the two
No magic software would be required and once that is working and passing
traffic, I would suggest doing something simple like:
tcpdump -i eth0.0 -w imspyingonyou.cap -C 10
This will capture all traffic on eth0.0 and write it to a filewith a
maximum size of 10MB. It will then roll over the filename and create a
new file. You could then install Samba to allow remote access to the
cap filesand then just open the files up in Wireshark. Just get the
tcpdump command to execute on boot and you're golden.
On 28/02/13 10:32, Andrew Steele wrote:
> I suppose it depends on where you feel comfortable on the "out of the box"
> verses "hack it together yourself" spectrum. If I was wanting to do this
> sort of thing, in the first instance I'd stand up an (x86) VM of OpenWRT
> and play around with the available packages to see if it'll give me what I
> need. Then I'd do my deployment on real hardware. As it's a distro focused
> on being for network appliances it'll probably be easier to configure for
> your needs.
> On Thu, Feb 28, 2013 at 7:44 AM, Adrian <adrian.blake at ieee.org> wrote:
>> I would like to build a machine to intercept and record all IP network
>> traffic. In my case, that which is passing to and from the Internet. I can
>> physically place the box between the router and the network switch.
>> What Linux distributions are best suited for this purpose? And what is the
>> best tool to record record the data? The quantity will not be very great or
>> fast, so recording disk capacity and speed are probably not an issue.
>> I could probably do this myself but the collective knowledge of the
>> community will probably provide me with a better result.
>> Adrian Blake
>> 101 Mulach St
>> NSW, 2630
>> mobile 0407 232 978
>> linux mailing list
>> linux at lists.samba.org
More information about the linux