0

For the past few days I've been trying to monitor my local network to look for new device connections. At first I thought of arpwatch, but if I'm not mistaken, it is worthless if not running on the router itself, which I cannot do.

So then I thought of nmap, and it does work. I'm currently using this specific command with sudo: nmap -sP MY_NETWORK_IP. But at this point I'm wondering, if I make for example a cron task to run it every minute, will affect my local network? I mean, in terms of speed and/or general performance. The scan finishes in like 5 seconds, btw.

Also, I guess not, but can nmap report recently connected, but now disconnected devices?

Or is there another simple network monitoring solution you guys can think of?

Thanks in advance!

Improve this question
9
  • It could, but unless your network is ancient (speeds unter 1Mbit/s) you will not notice any effects. Detecting new clients is not a good task for another client, it should be done by the routers or switches. Commented Sep 19, 2023 at 9:13
  • Unfortunately, my router is a veeeeeeeeeeeeery limited one provided by the ISP, so I can't do much on it, and I'm not gonna but a router just for this. I do have a server that is always on so my plan is to put a docker for this task. My internal network is 1Gbps and my internet contract is of 600Mbps, so I guess I won't notice anything on any device? Can you think of other alternative with my current setup (basically a shitty router)? Thanks! Commented Sep 19, 2023 at 9:17
  • If you want to protect your network from foreign devices (like somebody connecting a machine to a LAN port), there are really only two options: either MAC whitelisting (easy to bypass) or full 802.1x, but both of these are probably not supported by your router. Commented Sep 19, 2023 at 10:35
  • That's right, it's not supported. MAC filterins is also NOT an option for me, some of my devices has random virtual MACs, and also, every time a friend or family member came to my house I would have to stop and authorize their MAC, which is a pain in the ass. My network is fairly secure, but sometimes a I see MACs I don't recognize, so I'm looking for something to send me an email when a new MAC is found. Any other alternative besides using nmap - cron - ssmtp? Would that have any impact on any device communication or whatever? Commented Sep 19, 2023 at 12:25
  • So, is it viable, or would be a performance-consuming thing? Any alternatives? Commented Sep 21, 2023 at 9:42

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.