Security Basics mailing list archives

RE: Sniffing A VPN Router

From: "Burton Strauss" <Burton () FelisCatus org>
Date: Tue, 9 May 2006 13:27:27 -0500

You need to put a 'tap' in.  Google for them - 

For 10/100-Base-T expect to pay around US$300 or look at
http://www.snort.org for instructions on making your own.

For Fibre, GigE, etc., you'll need to go commercial - which are more
expensive.

-----Burton

-----Original Message-----
From: Jason T. Hallahan [mailto:jthallah () gmail com] 
Sent: Friday, May 05, 2006 2:33 PM
To: security-basics () securityfocus com
Subject: Sniffing A VPN Router

Hello and good day,

I have a Linksys RV016 VPN Router which I am trying to sniff. I would like
to see all of the traffic using Ethereal (or a similar program), but right
now I can only see Broadcast and Multicast traffic, as well as Unicast to
and from my local machine. I have tried plugging into the uplink port which
I hear sometimes works, but does not in this case. Also, this router has no
options to mirror or span ports, which I guess would have been another
solution. Other than replacing this router with a hub (possible since it is
for a dedicated LAN, i.e. no WAN connection), is there a way for me to sniff
all traffic directed over all ports of this router? Is there a way I can do
it with VLANs?
Is there a tool better than Ethereal or one designed for this purpose?

Thank you for your time!

- Jason

Current thread:

Sniffing A VPN Router Jason T. Hallahan (May 08)
- Re: Sniffing A VPN Router bruno taranto (May 09)
  - Re: Sniffing A VPN Router Harrison Holland (May 09)
- RE: Sniffing A VPN Router ricky . barrow (May 09)
- RE: Sniffing A VPN Router Burton Strauss (May 10)
- Re: Sniffing A VPN Router ilaiy (May 10)
- <Possible follow-ups>
- RE: Sniffing A VPN Router Conlan Adams (May 09)
- RE: Sniffing A VPN Router Mohamad Mneimneh (May 09)
- RE: Sniffing A VPN Router Adam Rosen (May 11)
  - RE: Sniffing A VPN Router David Gillett (May 12)