I'm curious to see what information I'm blasting out to the various services I depend on for internet (ISP, DNS, probably Cloudflare, etc.).
Are there any easy to setup, entirely self-hosted tools I can run on my home network that would allow me to snoop on my own traffic.
I want more than just DNS, so I'm not just looking for pihole and its ilk. I want to see things like SNI and any non-protected traffic that any of the devices on my network might be sending that I just don't know about.
Ideally, it would be something I could leave on without affecting my speed/latency, but something to turn on occasionally and spot check would be better than nothing.
My router runs VyOS, so I should have quite a bit of flexibility in what I do with my traffic, though I never have figured out if/how to deploy custom software to it…
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System HTTP Hypertext Transfer Protocol, the Web HTTPS HTTP over SSL IP Internet Protocol IoT Internet of Things for device controllers SSL Secure Sockets Layer, for transparent encryption
4 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.
[Thread #201 for this sub, first seen 8th Oct 2023, 23:35] [FAQ] [Full list] [Contact] [Source code]
Oh, this the exact use case for a tool that I’m writing right now! It’s a daemon that runs on the gateway and acts as a DNS + DHCP + Firewall to monitor the activity of IoT devices.
https://github.com/mafik/gatekeeper
In the 1.6 (expected next weekend) I’m adding traffic graphs for each device and remote domain that it talks to.
SPAN port on the switch, send it all into a server running Suricata which can analyze, classify, and log all the traffic. Don’t run it in IPS mode online unless you’re willing to suffer a little…
