Using a router to intercept HTTP data. Sniffing?

Solution 1:

Install Squid (an HTTP proxy) on the Mac, enable logging, and tell the devices to use the proxy. If you need to see more detail then additionally install Wireshark (packet sniffer) on the Mac and tell it to sniff port 80.

You don't need to get fancy and install a router or a bridge or set up a transparent (intercept) proxy.
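Once the devices use the proxy, the Squid access log shows which hosts each device talks to. The following is an added example, not part of the answer above: a small parser for Squid's default ("native") access.log layout that totals requests and bytes per client and destination host. The log lines, client IPs and host names are constructed samples.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in Squid's native layout:
# time elapsed client result/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1286536309.450    255 192.168.0.68 TCP_MISS/200 13400 GET http://console.example.net/update/manifest.xml - DIRECT/203.0.113.10 text/xml
1286536310.012     12 192.168.0.68 TCP_HIT/200 2048 GET http://console.example.net/img/logo.png - NONE/- image/png
1286536311.900   1021 192.168.0.70 TCP_MISS/200 5120 CONNECT store.example.org:443 - DIRECT/203.0.113.20 -
1286536312.300     40 192.168.0.70 TCP_DENIED/403 1500 GET http://ads.example.com/track?id=1 - NONE/- text/html
this line is truncated
"""

def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    f = line.split()
    if len(f) < 10 or "/" not in f[3]:
        return None
    result, _, status = f[3].partition("/")
    method, url = f[5], f[6]
    # CONNECT lines carry "host:port" rather than a full URL.
    host = url.rsplit(":", 1)[0] if method == "CONNECT" else urlsplit(url).hostname
    try:
        return {"time": float(f[0]), "client": f[2], "result": result,
                "status": int(status), "bytes": int(f[4]),
                "method": method, "host": host, "url": url}
    except ValueError:
        return None

def summarize(log_text):
    """Per client: (requests, bytes) per destination host, plus skipped-line count."""
    per_client = defaultdict(lambda: defaultdict(lambda: [0, 0]))
    skipped = 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += bool(line.strip())  # count malformed, ignore blank lines
            continue
        entry = per_client[rec["client"]][rec["host"]]
        entry[0] += 1
        entry[1] += rec["bytes"]
    return {c: {h: tuple(v) for h, v in hosts.items()}
            for c, hosts in per_client.items()}, skipped

if __name__ == "__main__":
    summary, skipped = summarize(SAMPLE_LOG)
    for client, hosts in sorted(summary.items()):
        for host, (count, size) in sorted(hosts.items()):
            print(f"{client} -> {host}: {count} requests, {size} bytes")
    print(f"skipped {skipped} malformed line(s)")
```

For HTTPS the proxy only sees the CONNECT host and port, so those entries give destinations and byte counts but no URLs.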

Solution 2:

That's a really tricky environment for what you want. I'm doing much the same thing (Wii :}) but my environment is different. I have a network switch in the front room where the wireless access-point, Wii, and the DVR all plug into, and a long cable to the back room that connects to a Linux machine. That Linux machine is in turn plugged into the router and off the packets go.

The Linux machine is configured to be an Ethernet bridge. This makes sniffing dead easy, as all I have to do is run tcpdump on br0 (the bridge interface). This has helped diagnose many problems. If I was of a mind to do this, I could probably create an intercept proxy with Squid and IPTables.

The problem for you is that Mac doesn't have any ability to do bridging, which means Windows is your only hope. It will require two network ports. For that, there is a good SuperUser question on how to set it up.

Solution 3:

Without setting up an inline box like sysadmin1138 has, what you can do is execute a man-in-the-middle attack against your gaming consoles, via ARP cache poisoning. Basically you are tricking your gaming consoles into thinking that your computer is the router, and tricking your router into thinking that your computer is the gaming consoles. So, all traffic from the gaming consoles to the router and vice-versa makes a stop through your computer first.

I think it would be possible to set it up on Mac or Windows, though I'm not sure how.

What I would do is just get a Linux live CD designed for hacking such as BackTrack ( http://backtrack-linux.org ), boot that up, and use the built-in tools to execute the attack, and then Wireshark to analyze the network data. I believe BackTrack comes with both dsniff and ettercap, both of which can do the attack. I think dsniff will be a little simpler for this with the plain arpspoof command. Remember to enable IP forwarding before executing it or you will break traffic.

Edit: embobo's solution might be a lot easier for you if it's possible to set those consoles up to use HTTP proxies. I'm not sure if they can do that though, as I've never used a PS3 or Xbox 360.

Solution 4:

If you are willing to replace your router firmware with something like OpenWrt you could probably install tcpdump. You may also be able to set a firewall rule to tee your traffic so a copy is sent to another machine.