Ask Your Question

Revision history [back]

Reallylost... Wireshark might not be the best tool to see if your security system has been hacked, but here is how I would approach the situation (in very gernal terms). If your security system connects to your home internet, you may want to see if your router has packet capture ability. If so you can read the file with wireshark. If not you may want to install a network "HUB" between the security system and router; connect your computer to this hub and capture your network adapter in promiscious mode. If you can access the system from the web or an app, do that while capturing.

Once you have a capture it will help to know the IP address of your security system (eg: you can apply the display filter "ip.addr ==" and this will show you any traffic to or from your security system. It's a little like reading the matrix but after a while you'll start picking up on what is happening based on what you see. Play with the tools in the "statistics" menu to get a summary of the activity. You could also try downloading a "port scanner" and run that from another computer on your home network against the IP address of your security system while capturing.

Unfortunately if your system has been hacked wireshark won't show much unless you are running the capture when the 3rd party is trying to do something with it.