Create a bastion host from an old PC between the router and the LAN?
Keep Calm and Carry On
|
dandy72 wrote: How would you approach this problem?
Rather than spend a large amount of money you could spend a couple of minutes making a read-only Ethernet cable. Simply replace the cable going into your cable modem and then you could capture packets off the read-only end.
The best part of doing it this way is that you can also use an Ethernet PHY analyzer for passive signal analysis without interrupting the network.
Best Wishes,
-David Delaune
|
I would expect the DD-WRT router to have logging capability that shows source and destination IPs. If that is enabled, I would direct it to send those log entries to a syslog server and write to a file. I have created syslog servers using both <gasp> Python and C#. Python is easier for a one-time kind of operation. Most of the code has to do with filtering what log entries to keep.
I use a router that has both Wireshark and logging built in. Logging is easier to use if it shows source and destination IPs that you can use with whois. I had to block about 10 outbound IPs (each) in the firewall to stop Amazon streaming and Windows updates. Many of the devices that phone home do so to Amazon AWS, in my limited experience. I did spot (logging in an Asus router) a surveillance camera phoning home to an IP in Tanzania.
For other uses of Wireshark, we keep an old hub around for such. You do need to turn on promiscuous mode.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
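A minimal version of the syslog approach described in the post above, as an added example (not the poster's code): a UDP syslog receiver that keeps only firewall entries for LAN-to-outside traffic and tallies them per LAN host and remote IP. It assumes the router logs in the standard netfilter `SRC=`/`DST=` format and that the LAN is 192.168.1.0/24; the sample lines and the `outbound.log` file name are constructed.

```python
import re
import socketserver
from collections import Counter
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # assumption: the home LAN subnet
# netfilter LOG entries carry KEY=value fields after the syslog header
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def parse_entry(line):
    """Return (src, dst, proto, dport) for a LAN -> outside entry, else None."""
    f = dict(FIELD.findall(line))
    try:
        src, dst = ip_address(f["SRC"]), ip_address(f["DST"])
    except (KeyError, ValueError):
        return None  # not a firewall entry, or a malformed address
    if src not in LAN or dst in LAN or dst.is_multicast:
        return None  # drop inbound, LAN-local and multicast traffic
    return str(src), str(dst), f.get("PROTO", "?"), f.get("DPT", "-")

def summarize(lines):
    """Count kept entries per (LAN host, remote IP, protocol, port)."""
    return Counter(e for e in map(parse_entry, lines) if e)

class Handler(socketserver.BaseRequestHandler):
    """One UDP datagram is one syslog message; append the kept ones to a file."""
    def handle(self):
        line = self.request[0].decode("utf-8", "replace").strip()
        if parse_entry(line):
            with open("outbound.log", "a") as fh:  # hypothetical file name
                fh.write(line + "\n")

# Constructed sample entries (not from a real router)
_T = ("<4>Jun  8 02:11:40 router kernel: ACCEPT IN=br0 OUT=vlan2 "
      "SRC={} DST={} LEN=60 TTL=63 PROTO={} SPT=40000 DPT={}")
SAMPLE = [_T.format("192.168.1.23", "203.0.113.50", "TCP", 443)] * 3 + [
    _T.format("192.168.1.40", "198.51.100.7", "UDP", 123),
    _T.format("192.168.1.23", "224.0.0.251", "UDP", 5353),
    "<4>Jun  8 02:11:41 router kernel: DROP IN=vlan2 OUT= "
    "SRC=198.51.100.7 DST=192.168.1.1 PROTO=TCP DPT=23",
    "<30>Jun  8 02:11:42 router dnsmasq-dhcp[412]: DHCPACK(br0) 192.168.1.23",
]

if __name__ == "__main__":
    for flow, n in summarize(SAMPLE).most_common():
        print(n, *flow)
    # 514/udp is the standard syslog port; binding it needs elevated privileges
    socketserver.UDPServer(("0.0.0.0", 514), Handler).serve_forever()
```
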
|
You state that you have VMs, which makes me believe you have a good solid virtualisation platform. If you have (as I do), here's what I do.
1) Create a VM and install pfSense into it; make sure you add 2 virtual NICs to the VM and put them in completely different subnets.
2) Disable your existing DHCP service, then enable the DHCP service on the pfSense VM; set one NIC as LAN and the other as WAN.
3) Give your existing router's LAN connection a static IP in the same subnet as the WAN on pfSense.
4) Instruct pfSense to send all outbound traffic via your static old router IP, and tell the DHCP service in pfSense to send all DHCP requests with a gateway address set to its LAN interface.
Once you're up and running, pfSense has a packet grabber built in that produces Wireshark-compatible grabs; just run the tool, make sure you have a good chunk of disk space, and leave it overnight, or whatever period you see necessary.
Optionally, you can inject a Squid proxy in the middle of it and set it up to dump all SSL keys to a text file; that file can then be loaded into Wireshark along with the capture to decrypt HTTPS traffic too.
|
I do not know if this would help in your case, nor do I have DD-WRT to test it, but a quick search returned suggestions to install YAMon directly in the router.
According to the site: "Yet Another Monitor (YAMon) records and reports on the traffic (downloads and uploads) for all of the devices connecting to your router. The data is aggregated by hour, day and month."
This would, at least, identify the device since something steadily downloading at 2-3Mbps for hours would show a steady increase in device statistics.
Otherwise I would suggest Wireshark like others have done.
Good luck.
|
Thanks for that.
I know enough about networking to get myself into trouble, so of all the answers I've received so far, I'd say this is probably the one that's the most within my reach. Thanks, I'll give it a shot.
(and then the others, as time permits)
|
I have an Office 365 account via corp. I send very little email from that account. Today, like other days, I got a "daily briefing" from cortana@microsoft.com. It said something like: 6 days ago, you asked.....
The rest of the line quoted what was inside my email. So, cortana baby is reading (and reporting?) my emails.
One wonders if that is stated in their privacy blurb.
Fortunately, like I said, I don't use that account much.
As they say, anything you put/send on the Internet is public information.
My pals and I are switching to that Swiss email company that encrypts email.
If you can keep your head while those about you are losing theirs, perhaps you don't understand the situation.
|
Yahoo mail does the same thing, but they were nice enough to tell me.
|
All of your data via Microsoft is screened for hate speech, etc. They read everything.
If you store Word documents on a Microsoft server (i.e. OneDrive, etc.) they screen it for hate speech or anything that they don't like.
So, yes. Microsoft reads everything.
It's in the fine print.
Not sure if there is a way to disable this.
|
At first I found this a useful reminder, then I realised it's just like having another co-worker reminding me about stuff I've forgotten to do, one I can't give a hard stare when I pass their desk or deliberately ignore at the coffee machine.
|
Sunday morning, 08:54 - about 40 miles (65 km) away.
Why do I always get the 80 mile round trip on a Sunday morning, when the neighbours get a 5 mile round trip at a civilized time on a weekday?
Still, I'll be glad to get it, even if I do get the same side effects I did last time*. At least this time I can plan for them instead of them appearing as a "bonus prize". I won't be answering the CCC on Friday, for example ...
* I guess that side effects are proof that your immune system is working its nuts off to kill the intruder!
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
I had quite a reaction to my first one but no problem with the second and I think that's quite common with AstraZeneca.
|
In two weeks' time I'm going to get my first one.
"In testa che avete, Signor di Ceprano?"
-- Rigoletto
|
Good luck! I had nasty side effects, but they didn't last long - the worst was over in around 24 hours, but the injection site remained "hot and red" for about a week.
If you plan to be completely useless the following day (spend it in bed) and you get no problems, then great!
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
Thank you and good luck as well.
Quote: "If you plan to be completely useless in the following day"
Since my birth I've been useless, like The Wife uses to say.
"In testa che avete, Signor di Ceprano?"
-- Rigoletto
|
Good luck - got my second BioNTech last weekend (they do not say Pfizer in Germany) and was not able to walk for the next day and a half.
|
Congratulations! I got my second Moderna shot over 2 weeks ago so now I'm fully vaccinated. Each shot only gave me a sore spot on my arm, nothing bad.
Kelly Herald
Software Developer
|
Yay - I had my second one a few weeks ago
"I didn't mention the bats - he'd see them soon enough" - Hunter S Thompson - RIP
|
I was lucky. Work paid for and scheduled my jabs. Herself wasn't; she had a 3 hr trip one direction to get hers. But the second one for her, she and I made it a date day and just drove down and had lunch on the way. Made for a wonderful day. Until her reaction that night.
To err is human to really elephant it up you need a computer
|
Herself had no problems at all ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
Sometimes they are tougher than we are.
To err is human to really elephant it up you need a computer
|
Shhhhh! Don't spread that around! She may hear you!
Get me coffee and no one gets hurt!
modified 8-Jun-21 16:52pm.
|
I had mine today, 45 minute round trip. It helps not to live half way up a mountain.
I am fully 5G complaint now!
veni bibi saltavi
|
I complain about 5G as well!
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
I get my second shot in two weeks.
I guess it's no consolation, but the side effects I got from BioNTech (Pfizer) were pretty nasty as well.
The day after my arm felt like someone had hit me. The day after that I had a full-blown sinus infection, which luckily didn't last.
But apparently that side effect is so uncommon I was told to get tested just in case.