Visitor
•
3 Messages
sniff cable modem
I need to put a PC in between my modem and network for sniffing, network bandwidth monitoring, etc.
I have a Netgear certified modem. My current option is dropping a 100mb hub off the modem, then plugging a 5-port 1gb switch into that, then plugging everything into the switch.
I have everything gigabit inside, Cat5e. My inbound speed is 240 mbs. I'd prefer not to lose that. I'm not using the modem's wifi but an Asus ROG wifi router. Any options?
thanks
CCValerie
Official Employee
•
974 Messages
4 years ago
Hi, @user_689a3c, thank you for taking the time to reach out on our Xfinity Forums. Are you still in need of assistance regarding your connection set up?
2
0
user_689a3c
Visitor
•
3 Messages
4 years ago
Hi, yes, still needing help.
0
0
user_kevin_flynn
Visitor
•
2 Messages
3 years ago
@user_689a3c Three suggestions-
1. I believe there are programs that run on desktop OS machines, such as Little Snitch for MacOS and ZoneAlarm for Windows. They won't see requests from other machines, however.
2. Another thing you could try is, buy a wifi+ethernet router that supports packet sniffing (aka the TAP protocol, I think?). You'd connect that router to the Comcast modem, disable wifi on the Comcast, plug one ethernet cable into the Comcast, the other end into your other/new router. All your traffic will pass through your new router. Now you'll need to use a program that can monitor the router.
Some brands of router support "mirroring traffic to a port" which means they'd copy all traffic, passing between the Comcast router and the wifi+ethernet router you added to it, to another machine on the network. That machine will need to run a program that knows how to process that traffic.
https://superuser.com/questions/503907/sniffing-and-logging-http-traffic-through-my-wireless-router
3. If you are feeling ambitious, putting two ethernet cards (aka NICs) into a purpose-built PC, and placing the PC between your Comcast modem and your own router, will provide the opportunity to analyse and filter traffic with the most flexibility. Your Comcast router may still accept wifi clients, which would bypass your two NIC PC. See if you can disable Wifi on the Comcast modem/router, if you want *all* traffic analysed & filtered. You'd then need your own router (which in this network arrangement you will anyways) which has wifi, for phones and tablets, and then that wifi traffic would be seen by your two NIC PC.
There are programs, such as snort (https://www.snort.org/), which provide ability to analyse and filter traffic passing through a two NIC PC.
There are Linux distros which have snort and other similar utilities baked-in, scroll down to 3rd Party Projects on snort's downloads page:
https://www.snort.org/downloads/#rule-downloads
Fair warning: you'll be entering system admin territory. If you've never run a Linux, don't know what a bash/csh/zsh is, I'd look for a Windows-based solution (or MacOS if that's your thing.)
0
0
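Added example (not part of the thread or any poster's code): once a capture has been taken on the mirror port or the two-NIC PC described above, a bandwidth summary can be computed offline from the file. This Python assumes a classic pcap file (such as `tcpdump -w` writes), untagged Ethernet/IPv4, and a capture point between modem and router, where every packet has the router's WAN address on one side; `wan_usage`, `WAN_IP` and the sample records are constructed for illustration.

```python
import struct
from collections import Counter

def wan_usage(pcap: bytes, wan_ip: str):
    """Return (bytes_down, bytes_up, Counter of bytes per remote peer)."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        e = "<"   # written on a little-endian machine
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        e = ">"
    else:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(e + "I", pcap[20:24])[0] != 1:
        raise ValueError("link type is not Ethernet")
    down = up = 0
    peers = Counter()
    off = 24                                  # skip the global header
    while off + 16 <= len(pcap):
        caplen, wirelen = struct.unpack(e + "II", pcap[off + 8:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        # Untagged IPv4 only; ARP, IPv6 and frames cut before the IP addresses are skipped.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        src = ".".join(map(str, frame[26:30]))
        dst = ".".join(map(str, frame[30:34]))
        if dst == wan_ip:
            down += wirelen                   # original length, not the captured slice
            peers[src] += wirelen
        elif src == wan_ip:
            up += wirelen
            peers[dst] += wirelen
    return down, up, peers

def _record(src: str, dst: str, wirelen: int) -> bytes:
    """Constructed pcap record: Ethernet + IPv4 header only (34 captured bytes)."""
    ip = bytes([0x45, 0]) + struct.pack(">H", wirelen - 14) + bytes(8)
    ip += bytes(map(int, src.split("."))) + bytes(map(int, dst.split(".")))
    eth = bytes(12) + b"\x08\x00" + ip
    return struct.pack("<IIII", 0, 0, len(eth), wirelen) + eth

WAN_IP = "203.0.113.10"                       # constructed (documentation range)
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 34, 1)
          + _record("198.51.100.7", WAN_IP, 1514) * 3
          + _record(WAN_IP, "198.51.100.7", 66)
          + _record("192.0.2.53", WAN_IP, 120)
          + struct.pack("<IIII", 0, 0, 14, 60) + bytes(12) + b"\x08\x06")  # ARP, skipped

if __name__ == "__main__":
    down, up, peers = wan_usage(SAMPLE, WAN_IP)
    print(f"down={down} B up={up} B top={peers.most_common(2)}")
```

Because the totals come from each record's original length field, a header-only capture (small snaplen) still yields correct byte counts. A pcapng file, Wireshark's default save format, is rejected by the magic check and would need converting first.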
user_kevin_flynn
Visitor
•
2 Messages
3 years ago
See also- https://forums.xfinity.com/conversations/your-home-network/port-mirroring-on-xfinity-xfi-gateway/602db14ec5375f08cd4c6d27
0
0