General Networking/Lan/Wan/Personal Home Network User Internet Monitoring
QUESTION: Hello Jeff K. Though I am very computer savvy, I managed to create a home network on my own from scratch. Something of which I never had experience in before and spent many hours trying to understand the complexity of it all. I will spare you all the babble of my experiences, will get straight to the points here. I have a cable modem for internet access and a Netgear router. All of my systems access the internet (cable modem) through the Netgear router. I have the home network established so I can share files I want to share with all those who reside in home. I have my suspicions with a resident of my home that more time is being spent online playing games than personal responsibilities etc. I need something, or knowledge to do, that is 100% FREE that can enable me to monitor all those who use my internet. When I say monitor, I mean I need to know what sites have been visited and the dates and times. I do not wish to put up timed site blocks (parental controls) as it would not be good enough. It's a trust thing but I want to monitor quietly and have the proof at hand when it calls for it. I have tinkered around with programs like HTTP sniffers, but can be difficult. Main connection I wanna monitor is wireless. My main system is hardline (RJ-45). Any help with this? Thanks
ANSWER: Hi Joseph,
I don't know your entire situation. But please do be aware that if that person pays you RENT - that they are your TENANT and you are their LANDLORD. Now State law comes into play and they have rights. Those rights are ONLY given up if they have signed something in WRITING that gives that up - and gives you the right to see where they are going and what they are doing. FYI - if there is nothing in writing at all they are still a monthly tenant with all applicable rights - it merely means that either party can provide 30 days notice and end the relationship.
So please be careful. You asked me a technical question. But ... I'm a landlord in PA and so what you are asking is TECHNICALLY possible but you could put yourself in a bad place if you do it - depending on your situation. Right now all I'm hearing is that you feel that it is "your connection" and it is up to you whether they can share it in ways that you don't like. If they are your CHILDREN or LEGAL GUARDIANS - that is different. But you don't want to find out the hard way that you can get into trouble for literally violating a tenant's civil rights. It is one thing to monitor how many MB someone uses since it's your connection. But it is very very different to monitor where they go and what they do there. This VERY THING is exactly why ISPs don't monitor what YOU are doing - just how much stuff you are looking at - without specifics.
Again I'm a landlord and we do share our Internet connection with our tenants. But that is just informal. There is nothing in the lease about it, so I have no commitment to provide it. They use Netflix (their own account) and Web browse etc. I've told them that they can't use BitTorrent, etc, but I really don't care what they browse or what stuff they watch on Netflix or Hulu+ etc. They are adults and pay us rent. I don't care what they do as long as it's not going to violate copyright laws and I don't get nasty emails from my ISP.
Ok so ... you didn't ask for any of that but hopefully it is useful ... so onto your actual question:
What you want is do-able but may not be quite as easy to do as one might hope for. I'd probably recommend that you consider using a 3rd party firmware on your router that has more advanced features, like DD-WRT or Tomato. I've used the former. Please note that if you do go this route, do it CAREFULLY - or you can "brick your router". Make sure you've got all the steps laid out beforehand, with all the pieces of software that you need. It's certainly easier to do with newer routers than older ones - where several steps are often needed.
I think that you are likely to need to configure Syslog on your router - then point it at some PC on your network to store the logs for later viewing (small routers don't have a lot of storage at all). Forget about "netflow" - that won't tell you URLs at all - just IPs/Ports. It's not what you want. You could use a sniffer but that is a freak'n pain, as you are collecting and then later looking at packet dumps. What you want is a real-time CONSTANT collection system. Plan on collecting that data on something OTHER than the router (not much storage there). You might even need to leverage an external DNS but I'm less clear on that point. Here are some resources to help point you in the right direction:
Please bear in mind that games per se don't use much bandwidth at all. It's just a small real-time stream of UDP traffic with very small packets. That's quite different from monitoring URL usage. Monitoring "gaming" is pretty simple - most games use a very distinct port. For instance a lot of Steam games use 27015 and a few others. https://support.steampowered.com/kb_article.php?ref=8571-GLVN-8711
So, it's cake to know about gaming vs whatever. And gaming won't really mess up your bandwidth usage or interfere via causing network congestion - it's designed to be VERY light weight.
I hope this helps, and do feel free to ask more questions or provide more information if you like.
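An added example, not part of Jeff K.'s answer: once the router forwards its firewall log over syslog to a PC, the stored lines can be summarised per LAN host and port class. It assumes netfilter-style LOG lines such as Linux-based firmware can emit; the sample lines, addresses and the `PORT_LABELS` table are constructed for illustration, with port 27015 taken from the answer. Like NetFlow, these records carry timestamps, addresses and ports, not URLs.

```python
import re
from collections import Counter

# Constructed sample: syslog lines carrying netfilter LOG fields (assumed format).
SAMPLE = """\
Mar  3 19:02:11 router kernel: ACCEPT IN=br0 OUT=vlan2 SRC=192.168.1.23 DST=203.0.113.40 LEN=84 PROTO=UDP SPT=51544 DPT=27015 LEN=64
Mar  3 19:02:12 router kernel: ACCEPT IN=br0 OUT=vlan2 SRC=192.168.1.23 DST=203.0.113.40 LEN=84 PROTO=UDP SPT=51544 DPT=27015 LEN=64
Mar  3 19:05:40 router kernel: ACCEPT IN=br0 OUT=vlan2 SRC=192.168.1.10 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=49822 DPT=443 WINDOW=65535
Mar  3 19:06:02 router kernel: ACCEPT IN=br0 OUT=vlan2 SRC=192.168.1.23 DST=198.51.100.9 LEN=60 PROTO=TCP SPT=49901 DPT=80 WINDOW=65535
Mar  3 19:06:30 router daemon: unrelated message
"""

# Hypothetical classification table; extend it with the ports you care about.
PORT_LABELS = {("UDP", 27015): "game", ("TCP", 80): "web", ("TCP", 443): "web"}

# Classic syslog header: "Mon dd hh:mm:ss host tag: message"
LINE = re.compile(r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s(?P<tag>[^:]+):\s(?P<msg>.*)$")
FIELD = re.compile(r"(\w+)=(\S+)")

def parse(line):
    """Return one flow record, or None for lines that are not firewall logs."""
    m = LINE.match(line)
    if not m:
        return None
    fields = dict(FIELD.findall(m["msg"]))
    if not {"SRC", "DST", "PROTO", "DPT"} <= fields.keys():
        return None
    return {"ts": m["ts"], "src": fields["SRC"], "dst": fields["DST"],
            "proto": fields["PROTO"], "dport": int(fields["DPT"])}

def summarize(text):
    """Count logged packets per (LAN source address, port class)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse(line)
        if rec:
            label = PORT_LABELS.get((rec["proto"], rec["dport"]), "other")
            counts[(rec["src"], label)] += 1
    return counts

if __name__ == "__main__":
    for (src, label), n in sorted(summarize(SAMPLE).items()):
        print(f"{src:15} {label:6} {n}")
```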
---------- FOLLOW-UP ----------
QUESTION: Thanks for answering my questions Jeff K. Due to character restrictions, I was not able to provide highly detailed information as I would have liked to, to aid you in understanding the situation better. I will note that I am the one that pays the internet bill, I own the internet modem, I bought and own the Netgear router and maintain it all. Those who reside in my home are residents, not tenants and no one here pays rent of any kind. Verbal announcements and announcements in writing have been established, all have been informed of my future actions involving MY network and what I plan on doing with it. I seek to mainly acquire hands on experience, gain skills, and acquire the knowledge in this field of network monitoring. Also, want to see what 1 particular individual is visiting on the web complete with dates and times. Reason for this? So more time is spent NOT playing stupid games online, but rather taking care of priorities and responsibilities in daily life. Now the technical stuff: All systems that use my network, access the internet through my Netgear router, use Windows XP Home Edition. I just bought the Netgear router about a few weeks ago, so it is not an old one. All systems use wireless internet. I have a system dedicated to network monitoring, that is if I can master it. I have been trying to get some of my programs to work such as Omnipeek Enterprise, Effetech HTTP Sniffer, and have an assortment of Aircrack, Airsnort type programs too. When I tried such an act of monitoring a network, it worked successfully, years ago. I dunno what I did before or what I installed, but it WORKED! I was using a Netgear WAG511 wireless internet PC Card Chipset unknown (possibly a prism2 or atheros). I still have the card and also have installed WinPcap version 4.2. It's a pain to get it to work the way I would like it to. I will do more research on your information and check out the links too. See what I can compile.
I will send you more technical information per your reply. Thanks
ANSWER: Character restrictions? First I've heard of that - but I'm usually answering a question here - and maybe they don't limit us? Just keep adding additional follow-ups, to provide more info - it sounds like you have an .... unusual situation there. It sounds like you have expectations of how others are spending their time, like they either work for you - or you are part of some partnership of young people in college or starting out - and trying to maybe build a small company? I'm just interested, if you have the time to write something up.