How to Monitor Network Traffic GA S REGULAR Menu Lifewire Tech for Humans Newsletter! Search Close GO Internet, Networking, & Security > Home Networking 45 45 people found this article helpful

How to Monitor Network Traffic

Get an understanding of your network's issues

By Nicholas Congleton Nicholas Congleton Writer William Patterson University Nick Congleton has been a tech writer and blogger since 2015. His work has appeared in PCMech, Make Tech Easier, Infosec Institute, and others. lifewire's editorial guidelines Updated on December 3, 2021 Tweet Share Email Tweet Share Email Home Networking The Wireless Connection Routers & Firewalls Network Hubs ISP Broadband Ethernet Installing & Upgrading Wi-Fi & Wireless

What to Know

To locate your router’s IP address, in Windows, open a Command Prompt and run ipconfig. For Mac and Linux, run ip r.Using a router, open browser and enter router IP address > Enter > locate Device List > Status, or Bandwidth or Network Monitoring.In Wireshark, go to Capture > Capture packets in promiscuous mode > OK > Shark Fin to begin, let it run, then press Stop (square). This article explains how to monitor network traffic using your router or Wireshark. Additional information covers how to locate your router’s IP address.

Using Your Router

Everyone has a router, and you can access it from nearly any device on your network. All your traffic already flows through the router, so it’s the most direct source of information about what’s going on within the network. You’re going to need to find out your router’s IP address. For most routers it’s 192.168.1.1, unless someone changed it. If you’r not sure, open a command prompt, and run ipconfig. On Mac and Linux, run ip r. On Windows, you’ll find your router’s IP listed as the Gateway. On Linux, it’ll be next to default via. Open your web browser and enter the router’s IP address in the address bar. This is exactly like browsing to a website, so press Enter after you enter the IP address. You’ll probably be prompted to enter your router’s admin username and password before you can go any further. If you didn’t set them yourself, your ISP probably did when the set it up. Look for any documentation they may have provided to sign in. Every router is different, and so are their interfaces. When you first sign in to most, you’ll arrive at a basic status page. It’ll show you information about your router and your network that may be useful, but not too in-depth. Try to find a Device List link to see which devices are connected to the network. Your router’s device list will show you the IP addresses of the devices connected to the network. It may even provide a bit of information about what they are. You will usually see a computer’s name next to the IP, if one was set. Here, you’ll also be able to see connection information for Wi-Fi devices, including their signal quality and the available bandwidth. Have a look around for a Status section on your router. You might be lucky enough to even have a specific Bandwidth or Network Monitoring section. It’s under a section like this that you’ll be able to find more data about bandwidth usage of specific devices by IP address. When you locate your router’s traffic or bandwidth monitoring sections, you’ll be able to see which devices are using the most bandwidth. You’ll see transmission rates and other useful stats. In some cases, you may find graphs and even real-time monitoring that provide visualization of what’s happening on your network. With this information, you’ll be able to find out what your networks biggest hogs are and what devices might be struggling to get a decent signal. You’ll also be able to see if anyone’s weaseled their way onto your network when they shouldn’t be there.

Wireshark

Wireshark is an open-source tool for packet filtering. If you don’t know what packet filtering is, it’s a much lower level network management task, so Wireshark can be considered overkill for simply viewing traffic on your network. That said, it can absolutely get the job done. Plus, it’s free and available for Windows, Mac, and Linux. Open your browser and head to the Wireshark download page, and grab the latest installer for your operating system. If you’re on Linux, Wireshark is probably in your distribution’s repositories. Ubuntu and Debian users should install Wireshark with: $ sudo apt install wireshark
Run the Wireshark installer. Everything should be straightforward, and the default options will work in almost every case. Open up Wireshark If Wireshark looks confusing at first, don’t worry. You don’t need to know much about it for the basics. Select Edit and Preferences in the top menu to set one option that you’ll need. A new window will open up. Locate Capture in the left side list and select it. The body of the window will shift to display the capture options. Make sure that Capture packets in promiscuous mode is checked. Press Ok when it is. Using Wireshark in promiscuous mode on a network that you don’t own is not legal. Be sure to only do this on your own network. Back on the main Wireshark window, there are two icons that you’ll need in the main menu. The blue Shark Fin icon starts the Wireshark capture process that records network activity. The red Square stops the capture. You’ll be able to review and even save the data after the capture. Press the Fin to start. Let the capture run for a bit. If there’s something that you’ve been having a problem with on your network, try to recreate those circumstances. With any luck, Wireshark will capture the moment the problem occurs, and you’ll be able to take a look at what happened. After you’re satisfied with the amount of info you collected, press the red Square to stop the capture. Take a look at the results. In the top section of the window, you’ll see the different packets collected by Wireshark. Each one will have an IP address that sent the packet and one that received it. You’ll also see the network protocol of each. When you select one, you’ll be able to sift through the packet data in the box below. The lowest option on the list generally contains the most “human readable” portion of information. If the packet was encrypted, though, you won’t see much. Keep looking through. Try to use the timestamps to locate the exact moment that your problem occurred. Hopefully, there will be relevant information available. If you want to know more about Wireshark, check out the complete Wireshark tutorial.

Why Monitor Your Network

It might seem a little too tech-y or excessive, spying on all the traffic going through your home network, but it can help provide valuable insights into your network’s performance. You’ll uncover exactly which devices, or even specific programs, are hogging your bandwidth. Through network monitoring, you can uncover where you computers are connecting and how much data they’re sending or receiving. Then, you’ll be able to correct any problems and make better use of your network.
Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit More from Lifewire How to Find the IP Address on a Mac What Is an Intrusion Prevention System (IPS)? 4 Ways to Find Your Roku IP Address (With or Without the Remote) Can a Router Get a Virus? How to Use Wireshark: A Complete Tutorial How to Connect a Router to the Internet NETGEAR Default Password List (Updated October 2022) How to Fix a "Failed to Obtain IP Address" Android Error How to Find the Printer on Your Network in Windows 10 What Is a Dynamic IP Address? What Is an IP Address? How to Find Your Default Gateway IP Address Can't Connect to the Internet? Try These 10 Tips How to Fix Wi-Fi Authentication Problems on Android D-Link DIR-600 Default Password Cisco Default Password List (Updated October 2022) Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. Cookies Settings Accept All Cookies