Detailed logging of network traffic?

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Detailed logging of network traffic?

Incindre

117 posts

Master Geek
+1 received by user: 21

#195966 13-May-2016 18:52

I'm the head tenant of a flat and thus everything is in my name, including the internet.

Something that's been inflating my paranoia for a while now is what happens if one of my flatmates turns out to be a fiend and is doing illegal things with reckless abandon on my connection? It's going to look pretty bad considering my name is the only one tied to the account. (I'll point out that this is just paranoiac contingency planning, as far as I'm aware my flatmates are perfectly normal and decent people).

Not being an expert in copyright or illegal material law, I assume it would be enough to produce a log showing that the MAC Address belonging to flatmate 'X' was the one to connect to 'Y' (the unfavourable content).

Ideally I want something along the lines of Draytek's Smart Monitor, but that requires me buying a Raspberry Pi/bare-bones PC to run the software, and a separate Wireless AP as it only logs traffic through the LAN ports. I'm currently running a Draytek Vigor 2760VN by the way.

As this solution involves the purchase of hundreds of dollars worth of equipment anyway, I'm wondering if anyone knows of a more elegant solution, such as a router with this functionality inbuilt or attainable through flashing of open-source router firmware?

Jase2985

13730 posts

Uber Geek
+1 received by user: 6202

ID Verified

Lifetime subscriber

#1552352 13-May-2016 19:22

i would suspect monitoring their traffic would be a breach of their privacy

Jase2985

13730 posts

Uber Geek
+1 received by user: 6202

ID Verified

Lifetime subscriber

#1552354 13-May-2016 19:24

Just talk to them and say its your connection you would appreciate them not doing illegal things on the net, and leave it at that.

There have been very few cases under the copyright laws in nz.

i dont see the need to be so parinoid, and you are dont share the connection and get them to get a second connection at the premises

NonprayingMantis

6434 posts

Uber Geek
+1 received by user: 1528

#1552356 13-May-2016 19:28

For the sake of the copyright law, it's actually irrelevant who did the downloading, even if you can prove it wasn't you you'll still get the fine.
There was a case of a soldier posted overseas at the time the offending happened. He still got the fine.

However on the flip side, virtually nobody ever gets caught and you have 3 strikes and several Months so I wouldn't worry about it.

Incindre

117 posts

Master Geek
+1 received by user: 21

#1552373 13-May-2016 20:37

Jase2985:
i would suspect monitoring their traffic would be a breach of their privacy

Can anyone confirm this? The only thing I can find on the privacy commission website relates to monitoring Internet in a work environment, and it only suggested that you inform and reach a consensus with your employees or risk making them feel untrusted.

sqishy

530 posts

Ultimate Geek
+1 received by user: 193

#1552391 13-May-2016 20:51

Hi, its no different to places like Cafes, hotels etc that provide free wifi. The best you can do is buy a router that helps blocks certain malicious sites and has network protection. Like you say the WAN IP will be discovered, the police would seek the ISP and find out the address, next the device MAC address will be located as this is usually logged and they can find the offending device. I wouldn't worry too much about it as you would first get a warning then you can take some more serious action.

loceff13

1089 posts

Uber Geek
+1 received by user: 340

#1552393 13-May-2016 20:54

I wouldn't worry over it, if it ever did happen the police would take everything electronic(your stuff included) that the person(if they have any idea) had access to.

Apple TV

Stream your favourite shows now on Apple TV (affiliate link).

Jase2985

13730 posts

Uber Geek
+1 received by user: 6202

ID Verified

Lifetime subscriber

#1552397 13-May-2016 20:59

Incindre:
Jase2985:

i would suspect monitoring their traffic would be a breach of their privacy

Can anyone confirm this? The only thing I can find on the privacy commission website relates to monitoring Internet in a work environment, and it only suggested that you inform and reach a consensus with your employees or risk making them feel untrusted.

would you want someone in the same house as you logging everything you are doing? all the things you look at?

there is potential for abuse

the better idea, which im sure most companies use is just to block those sites that people shouldnt be going to.

muppet

2642 posts

Uber Geek
+1 received by user: 1660

Trusted

#1552410 13-May-2016 21:27

This is easy.

Setup a small server at home running a DNS server. Ensure that the DNS server is one that is able to log all DNS requests.

Then ensure that your home router is ONLY handing out (via DHCP) the local server's IP as the DNS server.

This will let you log DNS requests. Sure, you won't see the data, but you'll see what there browser is requesting.

Of course, this will log every DNS request. Think how many different DNS requests a single webpage (esp if the user is a muppet and doesn't have an adblock) spits out. So if a porn banner pops up, being served from xxx.naughtsite.com, you'll log that. You can run some sort of log analysis to weed out things like that though. i.e. if a site appears 100 times, they're probably visiting it on a regular basis. NAUGHTY.

The drawbacks to this are that it's easy for your flatmates to work-around if they're technically inclined, by changing their DNS servers directly to your ISPs, or Google etc. If you have a clever router you can intercept all DNS requests to your new server, but that requires an extra level of clue and most consumer grade routers don't offer anything this fancy. You'd need an OpenWRT router etc.

You can always get a bit more tricky and force them through proxies using router tricks. You can't intercept SSL though, but you can see the connections.

Have fun.

If anyone replies to this post with blah blah legality etc, I will laugh.