2 Simple Ways to Track Network Traffic with Wireshark and More
2 Simple Ways to Track Network Traffic with Wireshark and More
Do you want to make sure that your network is running smoothly and without issues? Monitoring your network traffic is something you want to keep in mind whether you are in charge of a large network or a smaller one. This ensures that you're ready to troubleshoot issues if needed and keeps you up-to-date against malware and other virtual threats. This wikiHow article teaches you how to monitor network traffic.
Things You Should Know
  • If you have a router with networking monitoring tools, log into your router and check your logged-in devices.
  • You can use tools like Wireshark to see what's happening on your local network.
  • Alternatively, if you're in charge of monitoring a large network, sign up for SolarWinds or a cloud-based monitoring service.

Using Your Router

Go to your router's admin page in a web browser. You can use any web browser to go to your router's IP address, the default is often "192.168.1.1." If you need clarification on the correct IP address, you can find it in a few different ways. For Windows, open Command Prompt and enter ipconfig and locate your IP next to "Gateway." For Mac or Linux, open Terminal and enter ip r. Sign in if prompted. You'll find your username and password on your router unless you changed it.

Go to the device list. Every router looks different when you log into it, so look for a place that will list the devices on your network. For some routers, this could be under an Overview header. You can view a list of all the devices that are connected to your router. If the user of a particular device has given it a name, you will be able to see that name alongside its IP address. The list will also provide information about how the device is connected to the network (whether via ethernet cable or LAN) and how long it has been connected. Additionally, you can check the Wi-Fi details for that connection, such as the signal strength and available bandwidth.

Go to a status, bandwidth, or network monitoring section. However, not every router has this available, so you might need to use a third-party tool to monitor your network activity. If you can find this section, you'll see information like how much bandwith a specific device is using as well as transmission rates and other useful stats. Along with that information, you can also see who's connected to your network and kick them off.

Using Wireshark

Open Wireshark. If you don't have the free program for Windows, Mac, and Linux, you can download it from their website. Wireshark is a packet-sniffing tool, so it will definitely give you signals that your network traffic is doing poorly. First, you need to make sure that Wireshark is capturing packets in promiscuous mode, then you can continue to monitor your network traffic.

Navigate to "Edit" and click Preferences. You'll find "Edit" in the menu bar along the top of the Wireshark window. Clicking Preferences will open a new window.

Click the Capture tab. It's in the panel on the left side of the window.

Ensure "Capture packets in promiscuous mode" is selected and press OK. You want to make sure the correct mode is chosen before you check your network traffic since the other mode and this one will have very different results. Close the Wireshark Preferences window if it doesn't close automatically. Using this tool in promiscuous mode on a network that you don't own or have permission to access this way is illegal.

Click the blue fin icon to start recording. You can also press Ctrl + E. You'll see a graph that indicates your network activity. If there was something you've done in the past that indicated some network issues, try it again to see if Wireshark can find it.

Press the red fin icon to stop recording. You'll see the previous history in the window at the top of your screen. Click on an instance to see the IP addresses it was going to and coming from as well as additional data.

Alternatives

Use NetFlow or sfFow. Your router may only support one, so make sure you know what that is before you use one. For example, if you have a Cisco router, chances are that you'll only be able to use NetFlow.

Use built-in tools. Many operating systems have tools built in that you can try. They may not offer as much information as 3rd-party tools, but they are better than nothing!

Use a hardware device like a network TAP or packet broker. This is most likely a better solution if you have a medium-sized network to look after and it's not reliant on Wi-Fi, like a small office suite.

Use a cloud-based service. There are services, like CloudWatch, that offer network monitoring. These allow you to monitor the network even if you're away from the office! Many of these tools are not free but might offer a free trial. These are probably the best option if you're monitoring a larger network, like a company with multiple offices.

Use an app like SolarWinds for Wi-Fi networks. If you don't have an ethernet connection, you can use SolarWinds to monitor your Wi-Fi activity.

What's your reaction?

Comments

https://rawisda.com/assets/images/user-avatar-s.jpg

0 comment

Write the first comment for this!