May 26th, 2005, 08:41 PM
So what you are doing then is putting a laptop between two hosts, bridging the connection and then sniffing traffic on that bridge (or one of its member interfaces)?
The only problem I have had with this is the bridge not learning MAC addresses quickly enough, or keeping addresses of the previous setup in the cache. It would probably be a good idea to cover some method of clearing the bridge cache when switching the location of the laptop.
The only advantage a tap would have over this setup would be a lower latency. For a tutorial though, the bridge setup may be a better idea, depending on the target audience. They are relatively easy to set up with XP.
Government is like fire - a handy servant, but a dangerous master - George Washington
Government is not reason, it is not eloquence - it is force. - George Washington.
Join the UnError
May 26th, 2005, 10:19 PM
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
May 26th, 2005, 11:50 PM
Will this actually serve the purpose as desired? If you look at the pin-out, the lines are completely seperate, the one plug utilizes lines 4,5,7 and 8... The idea of this actually seems fairly futile and useless, it let's you send two seperate ethernet connections along a single line, all it really seems to do is save you a single cable run (yet requires two of these adapters).... Based on their schematics, you couldn't use them to sniff from one to the other...
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
May 27th, 2005, 01:27 AM
Hi, Iorngeek I am not sure if this is something your looking for but i think it would work for what you are asking for. What I am talking about is making your own device what you could do it get 3 RJ-45 jacks and what you would do is connect them together side by side (glue works good) then punch down the two end Jacks with a piece of cable and in the center jack only punch down the send or receive wires (meaning if you only want to look at information the node is sending punch down the send or vice versa) then what you could do is plug the wire to your switch into the first jack your computer into the second/middle jack and the switch into the end jack. now you can try and sniff all the traffic you want . I hope this explanation was good I am kinda in a rush so sorry if it is not post back and i will give a better explanation if needed(which I think is sorry )
May 27th, 2005, 01:30 PM
Originally posted here by Irongeek
I have a VOIP phone that hooks to ethernet. It may not be able to negotiate down to 10Mbit.
May not or wont? cause if that is your only concern it seems it would easier to test it for 40 seconds and see instead of wasting a bunch of time on crimping/splicing/joining wires
or go the other route
surely a cheap switch that will negotiate 10/100 isnt out of your budget?
Duct tape.....A whole lot of Duct Tape
Spyware/Adaware problem click
May 27th, 2005, 02:35 PM
From my limited test it does not seem to work with the 10Mb hub (unless I hook it up as shown in the video), but a 100Mb switch was fine.