Ethereal-users: Re: [Ethereal-users] Sniff all packets in a subnet

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Fri, 07 Oct 2005 02:56:26 +0200

Tarun Siripurapu wrote:

> Hi,
>
> I do not have access to backend cabling, nor do I want to do
> anything bad or illegal. I am on a campus network and want to see the
> Google search queries within my subnet. I heard that it was possible
> that I can view all packets from any machine that is not separated
> from my machine by a bridge / router. I am not trying to do anything
> bad like sniff people's passwords - I only want to view unencrypted
> search queries.
>
> Basically, I want to create a type of a local Google zeitgeist like:
>
> http://www.google.com/press/zeitgeist.html
>
> within my subnet.
>
> The example setups shown at http://wiki.ethereal.com/CaptureSetup do not
> describe a topology where I am just a node on the router but want to
> capture stuff from all nodes. Is it possible at all?

Ok, some general info.

Almost 100% of today's Ethernet topologies use switching technology to connect their end nodes. Bridges/routers will usually be used to connect "bigger" networks together or to connect a network to the internet (you'll get it). This is the common topology, but there are many other possibilities, so this can only be a general answer without knowledge about your specific network.

Switching means that a normal node (your computer) on that network will only see the traffic directed to your own node or directed to all (broadcast) or some (multicast) nodes on the network. As you won't see the normal traffic of other machines (e.g. the ones containing Google search strings), you're out of luck here.

There are some very bad techniques available to confuse the switches so you'll see more traffic (but again, these are very bad things that you shouldn't do).

Hope this helped,

Regards, ULFL
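
The switching behaviour described in the reply above, as an added example that is not part of the original message: a small model of a learning Ethernet switch that replays a few frames and returns what a passive capture on one port receives. The host names, MAC addresses, port numbers and payloads are constructed, and the switch is assumed to flood multicast (no IGMP snooping).

```python
# Added illustration: a learning Ethernet switch and what one port's capture sees.
# All MAC addresses, ports and payloads are constructed sample data.
BROADCAST = "ff:ff:ff:ff:ff:ff"

def is_group(mac):
    """True for broadcast/multicast: I/G bit (LSB of first octet) is set."""
    return int(mac.split(":")[0], 16) & 1 == 1

class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}                          # learned source MAC -> port
        self.seen = {p: [] for p in self.ports}  # frames delivered to each port

    def receive(self, in_port, src, dst, payload):
        self.table[src] = in_port                # learn the sender's port
        if is_group(dst) or dst not in self.table:
            # broadcast, multicast (no IGMP snooping assumed) or not yet learned
            out = [p for p in self.ports if p != in_port]
        else:
            out = [self.table[dst]] if self.table[dst] != in_port else []
        for p in out:
            self.seen[p].append((src, dst, payload))
        return out

ALICE, BOB, OBSERVER, GATEWAY = (f"02:00:00:00:00:0{i}" for i in range(1, 5))
PORT = {ALICE: 1, BOB: 2, OBSERVER: 3, GATEWAY: 4}

def observer_view():
    """Replay constructed traffic; return payloads seen on the observer's port."""
    sw = Switch(PORT.values())
    frames = [
        (ALICE, BROADCAST, "alice: who-has gateway"),
        (BOB, BROADCAST, "bob: who-has gateway"),
        (OBSERVER, BROADCAST, "observer: who-has gateway"),
        (GATEWAY, BROADCAST, "gateway: announce"),
        (ALICE, GATEWAY, "alice: HTTP search request"),
        (GATEWAY, ALICE, "gateway: HTTP response for alice"),
        (GATEWAY, OBSERVER, "gateway: HTTP response for observer"),
        (BOB, "01:00:5e:00:00:fb", "bob: multicast name query"),
    ]
    for src, dst, payload in frames:
        sw.receive(PORT[src], src, dst, payload)
    return [payload for _, _, payload in sw.seen[PORT[OBSERVER]]]

if __name__ == "__main__":
    for line in observer_view():
        print(line)
```

The observer's port receives the broadcasts, the multicast frame and the unicast addressed to it, but neither of the unicast frames exchanged between alice and the gateway.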