I want to preface this article by saying I am not, in any way advocating spying on your users. With that said, there are times (and reasons) why you might need to see what images are being viewed on your network. Whether it be an end user who is viewing content that goes against specific company policies or, worse, against the law. When this happens, you might have need or cause to see just what is being viewed from your LAN. When this is the case there is a handy tool for that called Driftnet.
Driftnet was inspired by the old Apple program EtherPEG and works by watching TCP streams for images and MPEG audio streams. As it listens I dumps the images into a user configured directory and/or it can display the images within a window as they are captured. In this article I will show you how to install and use Driftnet.
You will fortunately find Driftnet in the standard repositories for both Ubuntu and Fedora, so the installation is simple. Since you will be running Driftnet from command line, let's install the same way.
To install Driftnet in Ubuntu, follow these steps:
sudo apt-get install driftnet.
To install in Fedora, follow these steps:
yum install driftnet.
You are now ready to begin using driftnet.
Driftnet needs to had administrative rights to run. So you will either be running this as root or using sudo (depending upon your distribution). The basic usage of Driftnet is:
The common options you will use are:
Before you start using Driftnet, you need to create a directory that will collect the images. I just create a directory called ~/DRIFT for my image collection. Once you have that directory created you can fire up Driftnet like so:
sudo driftnet -d ~/DRIFT
When you issue this command Drifnet will open up a window (see Figure 1) and start collecting images. As you can see, in Figure 1, I have googled "ubuntu wallpaper" and Drifnet captured those images. The application happens very quickly and as soon as you kill the Driftnet command the images will be wiped away.
A word of warning
Driftnet can consume a lot of your system resources. This is especially true when not running in adjunct mode.
It's a slippery slope and can be considered an invasion of privacy. But when you need to see if an end user is viewing images that go against company policy, Driftnet will help you do so.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.