Jump to content

Monitor msn traffic on wireless lan


Recommended Posts

I have an 11 year old boy who has recently started acting a bit secretive with his msn. He is hanging around with some questionable scrotes and despite me asking him to stop seeing them he continues to do so.

They communicate at night using Windows Live messenger and I did use one of the numerous programs to log the conversations (he kept turning off the defualt MS option) on his laptop but now he has d/l an app for his ipod touch so obviously these are no good. I would like to keep an eye on him again just to make sure nothing is going on and avoid the arguments and lying that would most likely occur, so I was wondering if anyone knew of a method to record just this traffic.

I have a wireless network and the connection is via a adsl modem from our service provider (PlusNet). As this is a switch the sniffing program won't work. The model is a Thomson tg585 and is pretty locked down when it comes to configuring things. I have read about port mirroring and arp spoofing but I don't think these to be do able.

I know this is a touchy subject, why don't I block net access, take phone and ipod of him etc but that is more trouble as this will just force him to find another way I may noy know about. IDoes anyone know of a method to do this?

Thanks

Link to comment
Share on other sites


The switch issue is only a lan issue (ie not wlan). Since you are the master of the house/network, then you already have the network key, and should be able to decrypt a capture of the wlan traffic. The traffic analysis is not always so easy, so maybe you are better off taking some smart parent/child chats instead...

Joakim

Link to comment
Share on other sites

should be able to decrypt a capture of the wlan traffic

Capturing wifi traffic isn't so easy though. You're looking at the $200+ airpcap, or a kismet drone setup (the drone running on a dedicated router running Linux or similar), or a Linux computer running similar software with a supported card... Then once you got that figured out, you have to do the WPA2/WPA/WEP decryption and filtering to get the MSN traffic (you'll have to extract the data somehow, there might be some kind of tool that analyzes the protocol, I've never looked for one though).

so maybe you are better off taking some smart parent/child chats instead...

+1

Link to comment
Share on other sites

These days it does not cost much, as nearly all cards support monitor mode on new linux kernel. Can also be done on Windows, by running linux iso inside vmware player (no need for a dedicated linux install).

Link to comment
Share on other sites

These days it does not cost much, as nearly all cards support monitor mode on new linux kernel

Yeah, I mentioned using Linux too :)

Can also be done on Windows, by running linux iso inside vmware player (no need for a dedicated linux install).

Only if your card is USB, and also supported by Linux, and that you don't mind it not being usable by the host OS (Windows) meanwhile (i.e. usually using a 2nd/dedicated card)

The point is, it's not easy to do under Windows and with the existing wifi card most of the time. But yeah, you can always setup something to capture (drone in router, USB wlan card + vmware, airpcap, etc). At which point you can think about setting up several other things to handle decrypting/filtering/extracting the chat text/storing it somewhere. And there are so many simple ways around such a complex setup that requires so much work, like using another AP for instance. It's a lot of trouble for a problem that seems simple enough in the first place.

@iamtheky: none of this will work for the wifi device.

Link to comment
Share on other sites

@coffeefiend - please explain as I believe I am missing something

wireshark in promiscuous -- copy all mode? i have intercepted many a packet traveling wireless.

webwatcher copies all traffic out to a site where you retrieve it from, i do not understand how the method of connection matters. i now see the blog that suggested web watcher for the iDevices has dead links, does look like its only a computer solution.

and KVM over IP absolutely functions over wireless, the one I have is pretty obvious though and have not explored others.

Edited by iamtheky
Link to comment
Share on other sites

wireshark in promiscuous -- copy all mode? i have intercepted many a packet traveling wireless.

If your card supports it, yeah. It has to support monitor mode (mainly a driver issue) which very often doesn't doesn't feed any data, it has to be able to see the 802.11 headers when capturing, and also capturing non-data frames. Not too many adapters support this. I have yet to find one that does besides the airpcap. I'd love to find a card that works (doubly so if supported by Win7 x64) because the airpcap is too pricey for me (don't have enough use for it to justify the $200+ cost). So far the only practical solution I've seen is using Linux in one way or another.

webwatcher copies all traffic out to a site where you retrieve it from, i do not understand how the method of connection matters.

And he'll install that on his son's ipod touch how? Edit: ah, so there was a ipod version? Ok...

and KVM over IP absolutely functions over wireless

Not too sure how that's even applicable.

Link to comment
Share on other sites

I have had several pcmcia cards with atheros chipset, and these could support monitor mode on Windows if used with the old win version of airodump (don't know the current state on this though). Then decrypt it with airdecap-ng. A commercial Windows alternative is OmniPeek (very broad chipset support), but costs enough to scare you off.

As CoffeeFiend says, linux is by far the easiest and best platform to do this invisibly. WebWatcher can, by definition, not be invisible as they claim, as it must be installed on the target (although it seems like a nice comprehensive aio solution).

Link to comment
Share on other sites

Havent found a VNC server solution for non-jailbroken devices (like Cydias veency). And while the KVM route may be overkill (as you only need the V), if there is one that can be configured to always output video to IPxxx much like the computer versions then this should be equally as feasible. Mine is currently preforming the reverse function (controlling comp from i*) but the videos make it look like they are pretty close to the other way around.....but then I am believing the videos.

Edited by iamtheky
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...