Questions

How to find out who is connected to my computer?

Tags:
+
0 Votes
Locked

How to find out who is connected to my computer?

tanababa
Hi,
How can I find out who or if at all someone is connected to my computer when I am connected to the local cafe WiFi?
Thank you,
Tamir
  • +
    0 Votes
    OldER Mycroft

    Download and install Wireshark from here:

    http://www.wireshark.org/

    When you run it, it shows all IP addresses that your computer is connecting to - and all IP addresses heading into your computer.

    Wireshark isn't the easiest of programs to learn, but it'll give you a good overview of the wireless traffic on your system.

    +
    0 Votes
    NetMan1958

    Open a command prompt and run "netstat -a" without the quotes. You can also use netstat with linux, but you might want to read the man page for all the options.

    +
    0 Votes
    rogue_tide

    I'd trust Netstat over all others, if it's running windows.

    +
    0 Votes
    Neon Samurai

    With Windows:

    - look into the comand Netstat. It shows open ports and what IP is connected to them.

    - for graphic tools, look at Essential Net Tools or Inet Watch

    With Unix like OS:

    - pktstat shows current connections and traffic

    - netstat, I believe it's there also (not at home to confirm as I use pktstat more often)

    When not at the local coffee shop, I'd also recommend doing a port scan of your own machine's IP to see what ports are open and available for connection. The Windows firewall is better than nothing so make sure it's configured to only leave open what you absolutely can't live without; which should be nothing unless you have network shared directories on your laptop for some reason.

    +
    0 Votes
    jdclyde

    check your system out before you get to the wifi, and then again at a few different ones.

    This will show you what is normal for your system (based upon what you have running) and what isn't.

    You will also probably be surprised at how much is set to automatically access the internet for updates. I turn all of that crap off, especially on a laptop.

    +
    0 Votes
    Neon Samurai

    On the Linux Distro machines, it's a two second command to habitually check for updates at my first daily login. On Windows, once a month I take some time for patch tuesday then each of the other applications. AV is about the only auto-update I leave running though not on the notebok.

    +
    0 Votes
    jdclyde

    As you don't know how long you will be on at a time, the last thing you want is ANY update starting when you only have a few minutes to check your email or get directions.

    +
    0 Votes
    Neon Samurai

    Not just as a matter of how long one may be connected but connecting at all. The last thing I want is a bunch of auto-updates detecting a fresh network connection and blasting a lot of noise out of my NIC. Even my N810 gets configured to be passive only unless I, the user, do something.

    I really good example is being under contract to audit a network and after you stealthfully find your way onto the network, having trumpetts of AV update checks and such announce your arrival.

    "The quieter you are, the more you can hear"
    (also my standard liveCD unless I need office tools provided by Mandriva One.)

    +
    0 Votes
    jdclyde

    Always thought it would be interesting to get to that level of security. Do mostly networking and servers now, but knowing what is on the network would go a long way towards troubleshooting issues.

    Got a good book you can recommend on network audits?

    +
    0 Votes
    Neon Samurai

    I can confirm the title and BIN# when I get home.

    Open Source Security Testing Methodology Manual v2.2 - I just pulled the v2.0 PDF which is freely available. I'll have v3.0 when it becomes available also.

    Security+ and CEH text books are a good read even if you don't plan on writing the certs. read the sections you like in your local Chapters type store.

    thelasthope.org/talks.php
    - using firefox as an auditing platform

    defcon 15
    - tactical exploitation (talk given by the two core developers behind Metasploit)

    If you find any of the SecTor, Blackhat or more DefCon talks freely available let me know where. I'm on the hunt like RIAA after a way to shutdown bittorrent.

    +
    0 Votes
    Dumphrey

    as you can redirecct its output to a text file to compare with another file created at a different time using fc.

    +
    0 Votes
    jdclyde

    NetInfo allows you to scan a range of IP addresses, a single address, or show ALL of your current connections to an from your system.

    http://netinfo.tsarfin.com/

    Not sure how it works now, but it was a free eval when I got my copy.

    +
    0 Votes
    ---TK---

    Right click "My computer" --> "manage" --> click shared Folders --> and click shares --> and this will show # Client Connections and it will also show what share they are looking at. If you click Open Files, it will show what exactly they are looking at.

    +
    0 Votes
    1bn0

    CurrPorts v1.50 - View Opened TCP/IP ports / connections

    http://www.nirsoft.net/utils/cports.html

    +
    0 Votes
    tanababa

    Thank you everybody for all the answers.
    You are the best :-)

    Tamir

  • +
    0 Votes
    OldER Mycroft

    Download and install Wireshark from here:

    http://www.wireshark.org/

    When you run it, it shows all IP addresses that your computer is connecting to - and all IP addresses heading into your computer.

    Wireshark isn't the easiest of programs to learn, but it'll give you a good overview of the wireless traffic on your system.

    +
    0 Votes
    NetMan1958

    Open a command prompt and run "netstat -a" without the quotes. You can also use netstat with linux, but you might want to read the man page for all the options.

    +
    0 Votes
    rogue_tide

    I'd trust Netstat over all others, if it's running windows.

    +
    0 Votes
    Neon Samurai

    With Windows:

    - look into the comand Netstat. It shows open ports and what IP is connected to them.

    - for graphic tools, look at Essential Net Tools or Inet Watch

    With Unix like OS:

    - pktstat shows current connections and traffic

    - netstat, I believe it's there also (not at home to confirm as I use pktstat more often)

    When not at the local coffee shop, I'd also recommend doing a port scan of your own machine's IP to see what ports are open and available for connection. The Windows firewall is better than nothing so make sure it's configured to only leave open what you absolutely can't live without; which should be nothing unless you have network shared directories on your laptop for some reason.

    +
    0 Votes
    jdclyde

    check your system out before you get to the wifi, and then again at a few different ones.

    This will show you what is normal for your system (based upon what you have running) and what isn't.

    You will also probably be surprised at how much is set to automatically access the internet for updates. I turn all of that crap off, especially on a laptop.

    +
    0 Votes
    Neon Samurai

    On the Linux Distro machines, it's a two second command to habitually check for updates at my first daily login. On Windows, once a month I take some time for patch tuesday then each of the other applications. AV is about the only auto-update I leave running though not on the notebok.

    +
    0 Votes
    jdclyde

    As you don't know how long you will be on at a time, the last thing you want is ANY update starting when you only have a few minutes to check your email or get directions.

    +
    0 Votes
    Neon Samurai

    Not just as a matter of how long one may be connected but connecting at all. The last thing I want is a bunch of auto-updates detecting a fresh network connection and blasting a lot of noise out of my NIC. Even my N810 gets configured to be passive only unless I, the user, do something.

    I really good example is being under contract to audit a network and after you stealthfully find your way onto the network, having trumpetts of AV update checks and such announce your arrival.

    "The quieter you are, the more you can hear"
    (also my standard liveCD unless I need office tools provided by Mandriva One.)

    +
    0 Votes
    jdclyde

    Always thought it would be interesting to get to that level of security. Do mostly networking and servers now, but knowing what is on the network would go a long way towards troubleshooting issues.

    Got a good book you can recommend on network audits?

    +
    0 Votes
    Neon Samurai

    I can confirm the title and BIN# when I get home.

    Open Source Security Testing Methodology Manual v2.2 - I just pulled the v2.0 PDF which is freely available. I'll have v3.0 when it becomes available also.

    Security+ and CEH text books are a good read even if you don't plan on writing the certs. read the sections you like in your local Chapters type store.

    thelasthope.org/talks.php
    - using firefox as an auditing platform

    defcon 15
    - tactical exploitation (talk given by the two core developers behind Metasploit)

    If you find any of the SecTor, Blackhat or more DefCon talks freely available let me know where. I'm on the hunt like RIAA after a way to shutdown bittorrent.

    +
    0 Votes
    Dumphrey

    as you can redirecct its output to a text file to compare with another file created at a different time using fc.

    +
    0 Votes
    jdclyde

    NetInfo allows you to scan a range of IP addresses, a single address, or show ALL of your current connections to an from your system.

    http://netinfo.tsarfin.com/

    Not sure how it works now, but it was a free eval when I got my copy.

    +
    0 Votes
    ---TK---

    Right click "My computer" --> "manage" --> click shared Folders --> and click shares --> and this will show # Client Connections and it will also show what share they are looking at. If you click Open Files, it will show what exactly they are looking at.

    +
    0 Votes
    1bn0

    CurrPorts v1.50 - View Opened TCP/IP ports / connections

    http://www.nirsoft.net/utils/cports.html

    +
    0 Votes
    tanababa

    Thank you everybody for all the answers.
    You are the best :-)

    Tamir