10

I have an all-Mac network consisting of an Airport Extreme, 1 Mac Pro, 1 Mac Mini, 2 MacBook Pros, 2 iPads, and 2 iPhones. The Mac Pro is connected directly to the Airport Extreme via Cat5 and the rest is all running via wireless.

Lately I've been getting prompted by Google to enter CAPTCHAs frequently. The message states that I might have software running on my network I'm not aware of. My wireless router is password protected using WPA2 Personal and I frequently change my password, so I don't think someone is using the network from outside (but I've no way to confirm this).

I'm looking for a relatively cheap (preferably open source) solution that would enable me to monitor and profile the network usage by machine and port.

Can someone recommend a solution?

2
  • 3
    Doesn't the airport tell you what devices are currently connected, and/or your DHCP server tell you what machines have what IP allocated? Then you can account for what machines you have on the network and if there's one on there that you can't account for... Commented Jun 7, 2010 at 16:11
  • I use pinggy to monitor the LAN. The application is commercial but cheap.
    – user106957
    Commented Nov 26, 2011 at 20:52

7 Answers

5

You can try NetUse Traffic Monitor. It uses SNMP to get network usage data off your router and draws realtime and historic data.

2

I've been having the same problem with Google plus experiencing sporadic streaming hiccups on my Apple TV. After looking around and following a few links here, I ended up referencing traffic via Airport Utility » Base Station » Logs and Statistics. The same dialogs can also be accessed via the Advanced button along the top of the floating dialog box. Here you will find info on devices that have been connecting to your WiFi/Airport and last time each one connected.

That said, I didn't see any external access to my network so I'm still not sure what is causing my problems. I do plug into a network within my condo that connects thru Dish Network. The Google problem may be a result of traffic being generated by other tenants, but that still doesn't explain sluggish streaming within my LAN.

1
1

If you want all the geeky details, you probably want MRTG.

It uses SNMP to monitor your router(s) and draws nice graphs. It's written in Perl, so it should run on Mac OS X as well as generic UNIX/Linux.

1

Regarding possible other users: assign an IP to each individual MAC address from the base station manager and/or try RADIUS.

As stated above, your base station should have logging capabilities. Otherwise, Snort could be set up to watch for alien connections, I believe.
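
The "account for every device" check suggested in the comments and in this answer can be scripted. The following is an added example, not part of the original answer: it parses macOS `arp -a` output and reports MAC addresses that are missing from an inventory. The sample output and the inventory entries are constructed for illustration.

```python
import re

# Constructed sample of macOS `arp -a` output (not captured from a real network).
SAMPLE_ARP = """\
? (192.168.1.1) at 0:1c:b3:9:85:15 on en0 ifscope [ethernet]
? (192.168.1.20) at a4:5e:60:c1:2:3f on en0 ifscope [ethernet]
? (192.168.1.37) at 3c:7:54:aa:bb:c on en0 ifscope [ethernet]
? (192.168.1.50) at (incomplete) on en0 ifscope [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
? (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
"""

# Hypothetical inventory: MAC addresses of devices you own, in any common notation.
KNOWN_DEVICES = {
    "00:1C:B3:09:85:15": "AirPort Extreme",
    "a4-5e-60-c1-02-3f": "Mac Pro",
}

ARP_LINE = re.compile(r"\((?P<ip>[\d.]+)\) at (?P<mac>[0-9A-Fa-f:]+) on (?P<iface>\S+)")

def normalize_mac(mac):
    """Return a MAC as lowercase, zero-padded, colon-separated octets."""
    parts = re.split(r"[:-]", mac.strip().lower())
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9a-f]{1,2}", p) for p in parts):
        raise ValueError(f"not a MAC address: {mac!r}")
    # macOS arp drops leading zeros (0:1c:b3:9:...), so pad each octet.
    return ":".join(p.zfill(2) for p in parts)

def parse_arp(text):
    """Yield (ip, mac) for resolved unicast entries only."""
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if not m:
            continue  # "(incomplete)" entries do not match the MAC pattern
        mac = normalize_mac(m.group("mac"))
        if int(mac[:2], 16) & 1:
            continue  # group bit set: broadcast or multicast, not a device
        yield m.group("ip"), mac

def unknown_devices(arp_text, inventory):
    """Return (ip, mac) pairs whose MAC is not in the inventory."""
    known = {normalize_mac(mac) for mac in inventory}
    return [(ip, mac) for ip, mac in parse_arp(arp_text) if mac not in known]

if __name__ == "__main__":
    for ip, mac in unknown_devices(SAMPLE_ARP, KNOWN_DEVICES):
        print(f"unaccounted device: {ip} {mac}")
```

Devices that use randomized (private) Wi-Fi addresses show up as unknown until their per-network address is added to the inventory. A matching MAC also says nothing about a device that has cloned a known address, so treat this as a first pass alongside the base station's own logs.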

1

I'm using ProteMac Meter for monitoring my network activity:

ProteMac Meter is a network traffic logger. It monitors and records all Internet and network activity on your Mac computers. ProteMac Meter worked out as a traffic monitoring tool is essential for maintaining a safe network and diagnosing network and Internet connections and speeds. Meter’s easy to read network traffic details make reporting a snap. Download a free trial version of ProteMac Meter today!

1
  • 1
    The link to the site is no longer a utility page but some guy's blog that has no obvious relationship to the software you described. Just an FYI for anyone else reading this thread.
    – ra9r
    Commented Jul 16, 2017 at 14:11
1

You need to set up a proxy server to capture all HTTP/HTTPS traffic on your local network.

You then point all of your devices to use that proxy server. This has an added bonus of allowing you to read all SSL traffic in clear text =)

To remotely capture HTTP or HTTPS traffic with the Charles Proxy (free to use for 30 minutes) you will need to do the following:

Description of setup

HOST -  Machine running Charles and hosting the proxy
CLIENT – User’s machine generating the traffic you will capture

Host Machine

  1. Install the fully licensed Charles version
  2. Proxy -> Proxy Settings -> check “Enable Transparent HTTP Proxying”
  3. Proxy -> Proxy Settings -> SSL TAB -> check “enable SSL Proxying”
  4. Proxy -> Proxy Settings -> SSL TAB -> click Add button and input * in both fields
  5. Proxy -> Access Control Settings -> Add your local subnet (ex: 192.168.2.0/24) to authorize all machines on your local network to use the proxy from another machine
  6. It might be advisable to set up the “auto save tool” in Charles; this will auto save and rotate the Charles logs. http://www.charlesproxy.com/documentation/tools/auto-save/

Client Machine:

  1. Install and permanently accept/trust the Charles SSL certificate http://www.charlesproxy.com/documentation/using-charles/ssl-certificates/
  2. Configure IE, Firefox, and Chrome to use the socket Charles is hosting the proxy on (ex: 192.168.1.100:8888)

When I tested this out I picked up two lines of a Facebook HTTPS chat (one was a line TO someone, and the other FROM)

Android

You can also capture Android emulator traffic this way if you start the emulator with:

emulator -avd <avd_name> -http-proxy http://LOCAL_IP:8888/

Where LOCAL_IP is the IP address of your computer, not 127.0.0.1 as that is the IP address of the emulated phone.

source

0

Eavesdrop is a good Mac-native network sniffer.
