Monitoring Network Traffic (Airport Extreme)?

[braindead5400]

I've been googling around all afternoon and I can't seem to find a clear answer so I figured I'd ask here to see if I could get any help.

I have an airport extreme which serves various macs and PCs. I'm trying to find out if there is a way to monitor all of the internet traffic that goes through the router so I can know what my kids are looking at without having to lock down their computers with restrictions and parental controls. They seem to be getting a little creative with their selective deleting of items in their browsing history so I'm trying to figure out a way to see what is going through the router in clear form.

I know the router itself has logging but from what I can tell the logs won't tell me the information that I need. I've found a couple of software solutions but none of them seem to indicate that they'll work on a wireless network. Is there anything I can do to know what urls my kids are visiting?

Thanks

 

[Intell]

There isn't an easy way to configure the Extreme to do that. In the past I've use OpenDNS.

 

[braindead5400]

I was just looking at that and thinking about checking it out. I think it would be a lot easier than spending a decent amount of money on some parental software.

Thanks

Edit: I guess my only reservation with OpenDNS is the fact that they don't really explain how it all works. From what I can tell all internet activity through my router will go through them instead of whatever it is set to now. However the thought of all of my household internet usage in the hands of a company is a bit unnerving.

Am I to assume that they aren't getting anything that my ISP wouldn't get? If it is a matter of just a different company having the data as opposed to the data being newly available then it seems like there's much less to worry about.

 

[Intell]

Only the DNS lookups go through them. A DNS lookup is when your computer asks a Domain Name Server (DNS) the IP address of a website.

Example: You type in www.google.com. Your broswer then asks a DNS what the IP address of www.google.com is. The DNS replies 74.125.113.147. Your browser then accesses and loads the site using that IP address.

You are already using one of these. Possibly your ISP's. There are other public DNS servers, like Google's 8.8.8.8 one.

There is little information they can really use against you if you were to use OpenDNS. All they could see is what top level domains you visits. They'd see "https://forums.macrumors.com" instead of "https://forums.macrumors.com/showthread.php?p=14291195". They cannot monitor your online transactions nor snoop on data you are sending or receiving.

 

[nissan.gtp]

maybe a tool like snort would help. monitor outgoing connections.

 

[MikeZToo]

Squid is your friend.

Repurpose one of your PCs (an older one is quite capable of keeping up with household network traffic) for a _real_ firewall (by real I mean more configurable), install your favorite *nix OS, place it between the airport extreme and your outside connection. Force web traffic through a proxy server running on the firewall. Read the logs as your leisure. If there's an old PC kicking around your house, the only $ investment will be for a second NIC. I suggest enabling authentication on the proxy server so you can sort out your kids' traffic from yours.

- M