Split a 100MB ethernet connection for sniffing - Page 3
Page 3 of 3 FirstFirst 123
Results 21 to 26 of 26

Thread: Split a 100MB ethernet connection for sniffing

  1. #21
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    So what you are doing then is putting a laptop between two hosts, bridging the connection and then sniffing traffic on that bridge (or one of its member interfaces)?

    The only problem I have had with this is the bridge not learning MAC addresses quickly enough, or keeping addresses of the previous setup in the cache. It would probably be a good idea to cover some method of clearing the bridge cache when switching the location of the laptop.

    The only advantage a tap would have over this setup would be a lower latency. For a tutorial though, the bridge setup may be a better idea, depending on the target audience. They are relatively easy to set up with XP.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  2. #22
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #23
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    Will this actually serve the purpose as desired? If you look at the pin-out, the lines are completely seperate, the one plug utilizes lines 4,5,7 and 8... The idea of this actually seems fairly futile and useless, it let's you send two seperate ethernet connections along a single line, all it really seems to do is save you a single cable run (yet requires two of these adapters).... Based on their schematics, you couldn't use them to sniff from one to the other...

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  4. #24
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    Hi, Iorngeek I am not sure if this is something your looking for but i think it would work for what you are asking for. What I am talking about is making your own device what you could do it get 3 RJ-45 jacks and what you would do is connect them together side by side (glue works good) then punch down the two end Jacks with a piece of cable and in the center jack only punch down the send or receive wires (meaning if you only want to look at information the node is sending punch down the send or vice versa) then what you could do is plug the wire to your switch into the first jack your computer into the second/middle jack and the switch into the end jack. now you can try and sniff all the traffic you want . I hope this explanation was good I am kinda in a rush so sorry if it is not post back and i will give a better explanation if needed(which I think is sorry )

  5. #25
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    742
    Originally posted here by Irongeek
    I have a VOIP phone that hooks to ethernet. It may not be able to negotiate down to 10Mbit.

    May not or wont? cause if that is your only concern it seems it would easier to test it for 40 seconds and see instead of wasting a bunch of time on crimping/splicing/joining wires

    or go the other route

    Code:
    Internet----Switch-<--IP phone
                                -----Hub---<---computer one
                                                  ---computer two
    surely a cheap switch that will negotiate 10/100 isnt out of your budget?
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  6. #26
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    From my limited test it does not seem to work with the 10Mb hub (unless I hook it up as shown in the video), but a 100Mb switch was fine.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •