
How to capture remote device's traffic?

asked 2020-01-16 15:47:32 +0000

Arthur

updated 2020-01-16 15:50:30 +0000

Hello. I have two devices - a video intercom and a universal remote (Broadlink RM Pro Plus). Both communicate with Chinese servers by UDP and TCP/IP directly. There are no options to change network settings on them - they are connected to Wi-Fi and receive IP/Mask/Gateway only by DHCP.

I also have a PC with Wireshark installed on it.

All devices and the PC communicate over Wi-Fi using a cheap Wi-Fi router.

How can I analyze traffic of my devices with my PC? Maybe it is possible to route all traffic of the devices to the PC?

I am a noob in such things; I am mostly a programmer, not a network administrator/expert.


1 Answer


answered 2020-01-16 23:13:04 +0000

Bob Jones

> How can I analyze traffic of my devices with my PC?

You could capture the wireless traffic with an 802.11 adapter in monitor mode, decrypting if required. This can be difficult, but is often done. See https://wiki.wireshark.org/CaptureSetup/WLAN.

You could also install a tap or configure such functionality between the AP and the router which leads all that traffic upstream, which you claim to be China. Wired traffic is often easier to analyze but you may need equipment or configurations to collect wired traffic properly. See https://wiki.wireshark.org/CaptureSetup/Ethernet.

> Maybe it is possible to route all traffic of the devices to the PC?

Yes, with some configuration and/or network trickery. There are tools for this, such as Ettercap or Cain and Abel, and several ways to do this - you could set up your PC as a gateway to route traffic, or use ARP cache poisoning, or DNS hijacking, etc.

For me, I would figure out how to get the wired traffic as it leaves the AP and enters the network, acquiring the necessary equipment, as needed, to make this happen.


Comments

I think that the easiest way is to buy a TP-LINK Archer C7/C9, install OpenWRT on it, and configure iptables for packet mirroring on OpenWRT, right?

Arthur (2020-01-17 08:20:04 +0000)
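
Whichever capture setup from the answer is used, the result is a capture file, and the question's goal is to see which remote servers each device talks to over UDP and TCP. The following is an added example, not part of the original thread: it reads a classic pcap file with Python's standard library and totals the bytes one device sends per remote endpoint. The addresses, port 16384 and the helper names are constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

def remote_endpoints(pcap: bytes, device_ip: str) -> Counter:
    """Bytes sent by device_ip, keyed by (protocol, remote IP, remote port)."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file (convert pcapng first)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    totals, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len, orig_len = struct.unpack(end + "II", pcap[off + 8:off + 16])
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated, or not plain IPv4 (ARP, IPv6, VLAN tag)
        l4 = 14 + (frame[14] & 0x0F) * 4  # honour IP header options
        proto = {6: "tcp", 17: "udp"}.get(frame[23])
        frag = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        if proto is None or frag or len(frame) < l4 + 4:
            continue  # not TCP/UDP, a later fragment (no ports), or cut short
        if str(IPv4Address(frame[26:30])) != device_ip:
            continue  # keep only what the device itself sends
        dport = struct.unpack("!H", frame[l4 + 2:l4 + 4])[0]
        totals[(proto, str(IPv4Address(frame[30:34])), dport)] += orig_len
    return totals

def _frame(src, dst, proto, dport):  # constructed test frame, checksums left 0
    l4 = struct.pack("!HH", 40000, dport) + b"\0" * (4 if proto == 17 else 16) + b"x" * 10
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return b"\0" * 12 + b"\x08\x00" + ip + l4

def sample_pcap() -> bytes:  # constructed capture; 192.168.1.50 stands in for a device
    frames = [_frame("192.168.1.50", "203.0.113.10", 17, 16384),
              _frame("192.168.1.50", "203.0.113.10", 17, 16384),
              _frame("192.168.1.50", "198.51.100.7", 6, 443),
              _frame("203.0.113.10", "192.168.1.50", 17, 40000),  # reply, ignored
              _frame("192.168.1.20", "198.51.100.7", 6, 443)]     # other host
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":  # prints the endpoints, largest byte count first
    print(remote_endpoints(sample_pcap(), "192.168.1.50").most_common())
```

For a real capture, save it from Wireshark in the pcap (not pcapng) format and pass the file's bytes together with the device's DHCP-assigned address.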
