Develop Reference

SNMP call to shared printer

I have a next LAN scheme:
<MyPC 10.220.0.x> --- <WinServ 2008r2 10.220.0.x> --- <Xerox WC 192.168.0.x>
Server has PrintServer role enabled and printer is shared. I want to monitor the printer's state/errors through SNMP but problem is that I haven't acess to printer directly because it is in a different network. I can operate with printer ONLY as a shared i.e. through printserver, so my question is - how I can make SNMP requests to shared printer? Is it possible?

If the device in the middle is routing the relevant traffic and the config on the printer allows it to respond to SNMP requests from outside its subnet then there's nothing to stop it from working.
But those are really big caveats, particularly the first one.
If you are doing any NAT on the box in the middle, then either replace it with a Linux box or proper router or find another problem to solve.
If it's not routing, then you need to set this up (note that you want a STATIC route).
If it is routing already then you probably need to look at the firewall to make sure its allowing the traffic.
If that's all working then you need to look at the SNMP policy on the printer.

Your network diagram is vague enough that they could all be on the same LAN.
If so lucky, then just set a static route to the 192.168 network on "My PC". eg.
route add 192.168.0.0 mask 255.255.0.0 IP-ADDRESS-OF-MY-PC
If you can ping your printer, then you can access it via SNMP, assuming
there are no firewalls on the printer disallowing this.

wireshark i want to sniff on local ip

I have testing environment set up at home with 2 PC´s.
PC 1 ip = 192.168.1.2
PC 2 ip = 192.168.1.4
Gateway = 192.168.1.1
I am sitting on PC 1.
Both computers are on the internet. I tried simply stuff like, going on google and searching, logging in on gmail, using youtube and other things aka. the same.
I want to sniff the HTTP traffic being send from 192.168.1.4, but with many tries i dident succed.
I tried to apply the filter: ip.src == ...1.2 && ip.dst == ...1.4
I also tried to use the PC 2 wlan card and sniff on the mac address, but no luck.
All i ever got was some weird traffic, but no HTTP traffic.
How do i win this?

you need to perform some kind of Man-in-the-Middle attack in order to retrieve the traffic from a target computer, unless you are sitting on a router/switch/gateway. This can be achieved my ARP spoofing a victim, and then forwarding the victim traffic through your own machine and back to the router. Ettercap is a tool you are probably looking for:
Ettercap Website. This can be run on Windows and linux but if your on linux try:
# ettercap -Tq -M ARP /PC2// /GATEWAY//
You should now be able to see PC2 traffic in wireshark. This will also HAVE to be HTTP as you aware, HTTPS would require decryption of the session.
Hope this helps.

If all you are interested in HTTP Traffic interception (and modification) use tools such as https://www.owasp.org/index.php/ZAP or my favourite http://portswigger.net/burp/. Burp has a free and professional edition and it looks like the free edition may be sufficient for your purposes.

capture data packets in LAN

in my college lab all the PCs are connected via LAN by L2 switch. i want to capture the http data packets by wireshark but it is only showing the interface of my own PC. so how can i capture the packets of other PCs.
can somebody tell me working of wireshark?

It is in the nature of switches that you will only see either broadcast packets or traffic that has your MAC address as a destination, that is one of the crucial differences between a switch and a hub.
It is possible for most switches to be configured to copy traffic from one port to another, this is commonly done for monitoring purposes, but that has to be done via administrative access to the device.

You can manipulate the switch's behavior by means of ARP-Spoofing. But be cautious! Doing so might be seen as a criminal act.
So be sure that you're allowed to do so in the lab, sometimes that's OK if it serves the educational purpose. Ask your supervisor or the school's administrator.
My weapon of choice for such things is Ettercap.
A far less intrusive approach would be to use one of your own switches and configure it to forward all traffic. Then you can connect one port as an uplink to the lab's switch, one port to the device under test and one port to your machine running wireshark. (I would recommend using tcpdump for capturing, though.) If you don't have a manageable switch at hand, you can also use a router running OpenWRT.

Local Web Applications

Can someone provide me a direction or concept on how to set up a local web applications, for example, I currently use CUPS within Linux for printer setup and such. CUPS has a local web application by just changing the port number in the loopback address i.e.
127.0.0.1:631
And that takes you to the CUPS web interface. How is that set up? I'm sorry if this is a pretty easy question to answer, I just haven't really found a good answer yet.

You just need to install Apache on your Linux box. Once you do that, you should be able to go to http://127.0.0.1 and see your home page. The page is usually stored in /srv/www but it really depends on the Linux distro that you use.
By the way, CUPS does not use Apache, which means that they implemented a mini web server for their web interface.

Monitor all network traffic going in and out a specific computer/ip address

I'm looking for a tool under windows or mac that allows me to monitor (possibly in a simple way) the traffic going in and out of a computer of my network.
Long story short the residence where I live allows themselves to monitor the internet connection (and doesn't allow us to switch to another provider).
This annoys me on a personal level (I don't like the possibility of people checkin what I do without my knowledge as a general rule regardless of what I do) but also on a professional level (I sometimes work form home).
I'm using/trying out vpn providers (JAP, VyperVPN...) to avoid all this. it works fine with the http connections (if I run iptraces I end up in germany or US or UK ...) but I'm not sure for other applications such as online games, instant messaging softwares that use different ports.
So my question is how can I make sure that my internet traffic is using my vpn connection or not ?

Wireshark would do that for you on Windows and linux (Not sure about Mac). It uses WinPCap library and wraps in a nice UI for you to monitor the packets that you are interested. It allows you to listen to specific or all interfaces , so you can make sure your packets are going via the right interface

if you don't want them monitoring your internet usage, a vpn is a good solution, a vpn will encrypt all of your net traffic between your computer and the vpn gateway -- essentially you'd be surfing the web via a proxy and your landlords wouldnt be able to determine what you are doing.
assuming you are using a real vpn, and not just a browser based proxy solution, then the vpn should encrypt and tunnel all of your network traffic, this includes anything coming out of any port on your computer, not just http traffic.
when you install a vpn on your computer, the vpn creates a fake network device, and all of the vpn traffic gets tunneled to the vpn gateway. you can verify this by looking at your computer's routing tables. there are some vpns which allow for split traffic (split tunneling), e.g. traffic to certain domains gets tunneled through the vpn and others goes in the clear, but this is the rarity, most vpns will tunnel all of your traffic, which seems to be what you are looking for.
just make sure that your vpn uses an encryption protocol, there are some that don't -- this would defeat the whole purpose of your vpn.