You're sat at your PC. You're not using the internet, and neither is anyone in your house who's connected to the same router as you. And yet the lights on the router keep flashing. Clearly something is sending or receiving data, even though it's not you.
Ever wanted to find out what's doing all that communicating? If so, read on.
It's actually surprisingly easy to "tap" an internet connection and to read all the information that's flowing through it, even if that information isn't destined for (or hasn't come from) the computer which is running the tapping software. All you need is a program called a network protocol analyzer, running on a PC that's connected to the network which you want to tap. And if you want to stay on the right side of the law, it's also recommended that you do this on your own home LAN rather than anyone else's!
The best known protocol analyzer software is called Wireshark. It's a 26 MB download from www.wireshark.org and, according to VirusTotal and Web of Trust, it's safe. It's also free, and easy to get started with.
Once you've downloaded and installed the software, you're ready to begin. Incidentally, you'll find that the installer adds another program to your computer in addition to Wireshark. It's called Winpcap and is an integral part of the program, so it's perfectly safe.
When you run Wireshark, the first thing you'll need to do is to select a network interface that you want to tap. If you're using a desktop PC this will probably be the wired ethernet port. On a laptop you'll probably want to tap the wifi interface.
Once this is sorted, click to start capturing data and watch in amazement as all the activity is shown on your screen. You can see the source and destination address of each "packet" of data, and if you click on the details below that list you can see the actual content of the packet. Unless it was transmitted via an https secure, encrypted connection.
With the data at your fingertips, you can now attempt to find out what's using all your bandwidth. In the screen shot below, the lower part of the image is showing the data from the packet shown at the top which is highlighted with a grey bar. By looking at the content of the packet, it soon becomes clear that Dropbox is the culprit here.
For more tips and tricks on using the program, see http://www.youtube.com/watch?v=y-4UQSXkqig for a good tutorial video.
Please rate this article: