MyWireless sniffer

A

anakin

Well-Known Member
Joined
Apr 18, 2004
Messages
171
Reaction score
0
Location
South Africa.
I need to control the usage of MyWireless at my company network. Is anyone aware of a product which would be able to detect connectivity of MyWireless modems in the network, both on PPPoE and USB?

Perhaps, even a product which could detect DUNs might work.

My network consists of Cisco switches and routers, with WANS to offices all over the country, mainly on MS Windows, NT, 2000, XP and 2003.

Many thanks.
 
I'm in the same situation too!!!
At one stage there was someone at Infosat looking into
this... but I never heard of the outcome.

<font color="blue">Bay of Plenty: </font id="blue"><font size="1"><font color="black"> Signal 46% - SNL 17 - ber 71%
</font id="size1"></font id="black">
 
PPPoE packets are announced on the local lan ... If you have a linux box running on each network segment setup ettercap or another sniffer too look out for pppoe packets ...

to pick it up on the actual PC's (USB/ETH) within the lan you'd have to (more than likely) run software on each pc... software to do such snooping my be contrary to SA's new ECT act ...

R

************************************************************
The views expressed on this site are my own and NOT those of my employer.
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by regardtv</i>
<br />to pick it up on the actual PC's (USB/ETH) within the lan you'd have to (more than likely) run software on each pc ...<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">
This gives me an idea - I'll install on every workstation a simple Kix script which loops once every few minutes, and will alert me if it detects any IP addresses outside the company range.

<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by regardtv</i>
<br /> ... software to do such snooping my be contrary to SA's new ECT act ...
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">
Not a problem - all my users have signed a policy document granting me permission to do exactly this.
 
One word "ethereal"

[:D]

http://sourceforge.net/projects/ethereal/

Cheers
Antowan

He who does not understand the value of war at the right time, cannot comprehend the value of life at any time - Anonymous
 
I'm just a little curious as to why you'd want to trace the usage of MyWireless at your company, anakin?
 
Most companies don't wish to have uncontrolled backdoors into
their systems! [:)]

<font color="blue">Bay of Plenty: </font id="blue"><font size="1"><font color="black"> Signal 48% - SNL 17 - ber 71%
</font id="size1"></font id="black">
 
That and the System Administrators likes to play god with their connections and who gets what and when and will try anything and everything to keep that control, because that is what their life is for, controlling others with the knowledge they THINK they have, but what I know they DONT have [:p]

They're a bunch of cry babies when you hack them... shame... oh, and that "we'll get virusses" is a bunch of bull****... they're just control freaks who gets beaten by their wives at home and loves controlling others

did i mention they're stupid as well?


/me puts his flame thingy on [B)]

Why do you have to "put your two cents in"... but it's only a "penny for your thoughts"? Where's that extra penny going to?
 
Antowan

I was just wondering how you would implement Ethereal for something like this?

Users using there USB to connect to the modem can change there routing table to route valid company traffic to the internal network and only requests for non valid company network to the internet.

If you use ethereal to sniff on the company network you will only pick up the company traffic they are routing but any other traffic will be sent out from the MW modem, even if you setup a span port on the backbone switch you will still only see legitimate traffic.

Just wondering on that one.
 
Noone, you are probably one of my users whom I have denied internet access to www.hotchicks.com. :-)
 
Exactly right Yoda ... that is why local software has been recommended ... a simple script checking for ANY active RAS sessions could be quite useful... In general RAS sessions are not a good idea for a pc currently on the network ;-)

R

************************************************************
The views expressed on this site are my own and NOT those of my employer.
 
The Kix scripts is a relatively simple solution to implement. Ethereal might be a bit more difficult, as it will not detect any MW traffic, unless it is routed into the company network.
 
and IMO, its not just MW you have to worry about, normal modem usage too...

I remember back in the day when I was restricted internet access, I just dialedup using my extension

web developer without internet access, pffff

Why do you have to "put your two cents in"... but it's only a "penny for your thoughts"? Where's that extra penny going to?
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by noone</i>
<br />and IMO, its not just MW you have to worry about, normal modem usage too...

I remember back in the day when I was restricted internet access, I just dialedup using my extension
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">
Fortunately for me, our telephone network does not allow for analogue modem connections. Our digital system simply fries any normal modem attempting to connect through our system.
 
And you call that an advantage ? ... Cannot wait for you to explain to the CEO why his notebook is not only good for frying eggs ;-)


************************************************************
The views expressed on this site are my own and NOT those of my employer.
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by regardtv</i>
<br />And you call that an advantage ? ... Cannot wait for you to explain to the CEO why his notebook is not only good for frying eggs ;-)
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">

Our users should know better. If the CEO's modem was fried, he would have some explaining to do... (its happened, not by CEO though)

Regardless, the beauty of the scripts is that would detect any modem internet connectivity, dialup or MW, since it detects non company IP range of addresses. Alright, I can see some loopholes on how it could be bypassed, but not practical for our users, to cause a problem.

Hey, if it was up to me, I would give everyone in the company unrestricted internet access, with alternative approaches to ensure network security. However, we have to comply with requirements from our IT Security.
 
so how is this whole network setup that the users can get access like that, why don't u have an internal proxy or something like that?

i'm the gingerbread man!
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X