Last Updated on May 24, 2020 by admin
Setup network monitoring or man-in-the-middle using Raspberry Pi
For the network monitoring to be created a possibility, the traffic in a network, which is to record network traffic, a Raspberry Pi is needed, which is set up as a man-in-the-middle. A man-in-the-middle is a network device capable of listening, recording and manipulating network traffic.
Good network monitoring requires that as much of the traffic as possible be routed through the analysis or monitoring system. In order for this to succeed, the corresponding device is optimally placed in a network connection or between two endpoints.
task
- Create man-in-the-middle for network monitoring.
- Set up network monitoring.
Solution: Man-in-the-Middle through a WLAN bridge (network bridge)
If you operate Raspberry Pi as a WLAN bridge, then you can tap into all the data packets between the WLAN and the LAN. This Wi-Fi bridge is great for recording network traffic.
Solution: Man-in-the-Middle through ARP spoofing
In ARP spoofing, an attacker within a local network spends his or her own MAC address as that of another device. Thus, the attacker reaches the targeted redirection of network traffic to his analysis system.
The target of the attack may be all traffic on the local network or just a specific host.
- ARP Spoofing and Man-in-the-Middle with Raspberry Pi
Solution: Set up network monitoring
If a Raspberry Pi has been placed in the man-in-the-middle position, it can be used to record network traffic. For example, to find errors in a network communication, to analyze the traffic or to better understand procedures.
- Record network traffic with Raspberry Pi (tcpdump)
- HTTP data analysis (urlsnarf)
- HTTP image data analysis (driftnet)
- Record access data in the network (dsniff)
Leave a Reply