You are reading a single comment by @Velocio and its replies.
Click here to read the full conversation.
-
I suspect you can get most of your answers a different way.
DNS.
DNS is the one part that isn't encrypted, and you could use Wireshark and filter the logging to only port 53 UDP.
It's enough to identify all resolved domain names, which would reveal all destinations.
This is what I did when I setup my own VPN and wanted to block advertising on my mobile device. I knew that the adblocking lists out there were desktop targetted, so I logged the DNS requests and looked just at those, which revealed a whole slew of destinations I didn't want to talk to.
Velocio
@Velocio @emyr, ta for the input. To put it into context I want, at least, to be able to browse logged traffic that's going out of my house AND read it if I wish. I imagine it will broadly fall into two catergories. Stuff that stops working but I know I want to use (lfgss and personal banking etc, webmail etc) and I therefore have to put up with it being encrypted/exlcuded from proxy. The second catergory is stuff that breaks and I don't care about AND previously didn't know about. It's this catergory I care about, i.e. whats potentially leaking from my machine. I'm with NTL and I get so little from the logs that it's laughable!
Maybe I'm complicating it too much and I should just use IP to check where the traffic's going and bump it but I think I must be able to inspect more stuff than I can at present, which is zero.
Cheers