Thread: How to check computers connected?
View Single Post
  #11 (permalink)  
Old 02-24-2007, 10:58 AM
Kev
Guest
  
Posts: n/a
Default Re: How to check computers connected?
Jeff Liebermann wrote:
> On Fri, 23 Feb 2007 18:45:56 +0000, Kev <invalid@invalid.invalid>
> wrote:
>
>> Jeff Liebermann wrote:
>>> Kev <invalid@invalid.invalid> hath wroth:
>>>
>>>> If I allow sharing or ICMP Echo on either Laptop then Lanspy will see them.
>>> Where are you plugged in to do your sniffing?
>
>> The PC running Lanspy was wired into a combo modem/router, a speedtouch
>> variant known as a BT Home Hub
>
> Ok. It may be called a "hub" but it's really a combination modem,
> router, wireless?, and ethernet switch. It's the switch part that's
> the problem. YOu can't see traffic on one port, that's going to/from
> any of the other ports (except broadcasts). Try it by watching the
> lights. Copy a big file between two of the ports and see if anything
> lights up on a 3rd or 4th port in which you're plugged into.

The "Hub" doesn't have such niceties, it came as a freebie when we
upgraded to "up to 8Mb" broadband.
http://tinyurl.com/zghtn


> It won't
> flash indicating that you cannot use the 3rd or 4th ports to monitor
> the traffic on the 1st or 2nd ports. Incidentally, the wireless
> access point section is just a 5th port on the ethernet switch and
> acts the same as the other ports.
>
>> ( regrettably my Linksys has just died on me).
>
> The Linksys whatever wouldn't have helped.

No, but it worked well for the last 3 years with only minor hiccups and
lately had been used to allow visitors to access the web without having
to use my main wireless network.

> The only way you're going
> to monitor traffic with such an arrangement is by using seperate boxes
> for modem, router, wireless, and ethernet switch. Even so, there's no
> single point that will sniff ALL the traffic. Welcome to the
> wonderful world of network monitoring. This is one reason why
> router/switch based traffic monitoring protocols like SNMP, RMON,
> NetFlow, etc are popular.
>
>> As there had been several mentions of Lanspy recently one of the
>> family decided to try to see if it could see all of the computers on the
>> network, he wasn't interested in actual traffic, and he found he could
>> not see one laptop. Rather than try to find out why he ditched the
>> program and went off with the Laptop. Out of curiosity I decided to run
>> some checks this morning to see why the Laptop hadn't been seen.
>
> If the laptop is running Windoze XP, it might be that the firewall is
> configured to reject just about everything. As I vaguely recall, ICMP
> ping is blocked in the default configuration.
> Control Panel -> Windoze Firewall -> Exceptions -> Advanced
>
>
Thanks for all the info.,it has been very informative.
The easiest way for Lanspy to "see" the locked down laptops was to
disable the ping check, in options, and only look for MAC addresses.

Reply With Quote