Thread: How to check computers connected?
View Single Post
  #12 (permalink)  
Old 02-24-2007, 06:46 PM
Stuart Miller
Guest
  
Posts: n/a
Default Re: How to check computers connected?

"Kev" <invalid@invalid.invalid> wrote in message
news:iKednUiVR8v2h33YRVnyvQA@bt.com...
> Jeff Liebermann wrote:
>> On Fri, 23 Feb 2007 18:45:56 +0000, Kev <invalid@invalid.invalid>
>> wrote:
>>
>>> Jeff Liebermann wrote:
>>>> Kev <invalid@invalid.invalid> hath wroth:
>>>>
>>>>> If I allow sharing or ICMP Echo on either Laptop then Lanspy will see
>>>>> them.
>>>> Where are you plugged in to do your sniffing?
>>
>>> The PC running Lanspy was wired into a combo modem/router, a speedtouch
>>> variant known as a BT Home Hub
>>
>> Ok. It may be called a "hub" but it's really a combination modem,
>> router, wireless?, and ethernet switch. It's the switch part that's
>> the problem. YOu can't see traffic on one port, that's going to/from
>> any of the other ports (except broadcasts). Try it by watching the
>> lights. Copy a big file between two of the ports and see if anything
>> lights up on a 3rd or 4th port in which you're plugged into.
>
> The "Hub" doesn't have such niceties, it came as a freebie when we
> upgraded to "up to 8Mb" broadband.
> http://tinyurl.com/zghtn
>
>
> > It won't
>> flash indicating that you cannot use the 3rd or 4th ports to monitor
>> the traffic on the 1st or 2nd ports. Incidentally, the wireless
>> access point section is just a 5th port on the ethernet switch and
>> acts the same as the other ports.
>>
>>> ( regrettably my Linksys has just died on me).
>>
>> The Linksys whatever wouldn't have helped.
>
> No, but it worked well for the last 3 years with only minor hiccups and
> lately had been used to allow visitors to access the web without having to
> use my main wireless network.
>
>> The only way you're going
>> to monitor traffic with such an arrangement is by using seperate boxes
>> for modem, router, wireless, and ethernet switch. Even so, there's no
>> single point that will sniff ALL the traffic. Welcome to the
>> wonderful world of network monitoring. This is one reason why
>> router/switch based traffic monitoring protocols like SNMP, RMON,
>> NetFlow, etc are popular.
>>
>>> As there had been several mentions of Lanspy recently one of the family
>>> decided to try to see if it could see all of the computers on the
>>> network, he wasn't interested in actual traffic, and he found he could
>>> not see one laptop. Rather than try to find out why he ditched the
>>> program and went off with the Laptop. Out of curiosity I decided to run
>>> some checks this morning to see why the Laptop hadn't been seen.
>>
>> If the laptop is running Windoze XP, it might be that the firewall is
>> configured to reject just about everything. As I vaguely recall, ICMP
>> ping is blocked in the default configuration.
>> Control Panel -> Windoze Firewall -> Exceptions -> Advanced
>>
>>
> Thanks for all the info.,it has been very informative.
> The easiest way for Lanspy to "see" the locked down laptops was to disable
> the ping check, in options, and only look for MAC addresses.

I enabled Ping, DNS name, MAC and Server, and disabled everything else.
It found the linux machines and reported properly
When I get more time I'll try to find out which test gets confused by the
linux servers.

Stuart





Reply With Quote