Running wire shark on the computer that might be infected is useless. Really nasty malware has the ability to hide it's traffic even from packet sniffers on the local host.
I find the best bang for the buck is using a passive network tap and plug a sniffer into that. Now.. no need to go out and buy one as that will be expensive.. you can build one($18).
http://www.instructables.com/id/Make_a_Passive_Network_Tap/
If you want to one-up this then get pc and install a network-based Intrusion Detection System(IDS), google snort, it'll look for abnormal network traffic patterns, and you can even configure them to notify you if it does detect something.
Also.. take that linksys router and install DD-WRT on it and configure the firewall to block everything except what you know to be okay.
Note: you can disable the reset button in DD-WRT =)
Slashdot Mirror
Finally, a chance to level playing field against all the smack-talking 13 yr olds playing COD on Xbox live, Say hello to my M203
Running wire shark on the computer that might be infected is useless. Really nasty malware has the ability to hide it's traffic even from packet sniffers on the local host. I find the best bang for the buck is using a passive network tap and plug a sniffer into that. Now.. no need to go out and buy one as that will be expensive.. you can build one($18). http://www.instructables.com/id/Make_a_Passive_Network_Tap/ If you want to one-up this then get pc and install a network-based Intrusion Detection System(IDS), google snort, it'll look for abnormal network traffic patterns, and you can even configure them to notify you if it does detect something. Also.. take that linksys router and install DD-WRT on it and configure the firewall to block everything except what you know to be okay. Note: you can disable the reset button in DD-WRT =)