Wireshark mailing list archives

Re: Looking for a portable sniffing-friendly hub/switch


From: dan meyer <dan () meyer-family net>
Date: Wed, 14 Apr 2010 14:01:53 -0500

Here is a better reference to home made taps:

http://www.enigmacurry.com/articles/building-an-ethernet-tap/

The short of it is you need two NICs on the machine doing the sniffing.

-- Dan Meyer
On Wed, Apr 14, 2010 at 10:19 AM, RUOFF, LARS (LARS)** CTR ** <
lars.ruoff () alcatel-lucent com> wrote:


Yes, I have come across this one too.
But this one looks suspect to me.
There are only 3 ports here and there is a physical link between all Rx and
Tx cables, so this should introduce collisions at the least.
Also, I can't see how the outbound traffic from host B will be output on
the tap port? I think this can't work?!

Lars


-----Original Message-----
From: wireshark-users-bounces () wireshark org
[mailto:wireshark-users-bounces () wireshark org] On Behalf Of
Oldcommguy - Tim
Sent: lundi 12 avril 2010 21:52
To: 'Community support list for Wireshark'
Subject: Re: [Wireshark-users] Looking for a portable sniffing-friendly hub/switch

The DIY tap actually works... depending on how well one
follows directions.

For VoIP with a SPAN port, please remember, there will not
be any jitter and lost frames for your analysis.

Other than that it is all about connections, setup, etc.

Another DIY -
http://www.instructables.com/id/Make-a-Passive-Network-Tap/

Good Sniffing.....


Tim O'Neill  - The "OldcommguyT"
B.T. Solutions, Inc.
Phone - 770-640-0809
Website - www.lovemytool.com
e-mail - Tim () oldcommguy com
Please honor and support our Troops, Law Enforcement and
First Responders!
All Gave Some - Some Gave All!



-----Original Message-----
From: wireshark-users-bounces () wireshark org
[mailto:wireshark-users-bounces () wireshark org] On Behalf Of Lee
Sent: Monday, April 12, 2010 3:00 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Looking for a portable sniffing-friendly hub/switch

One difference between the $1K tap and the DIY version might
be that the expensive one will work wherever you put it in
your network.

The DIY version instructions to
  Strip the cat 5 cable and untwist all the individual wires.
I believe makes it not cat 5 any more.  It's probably still
good enough for its intended purpose - i.e. at home & cheap -
but maybe not such a great idea to use on a critical link at
work.  (which isn't going to stop me from trying to make one myself :)

Thanks for the link to the DIY taps - I hadn't seen those before.

Regards,
Lee


On 4/12/10, RUOFF, LARS (LARS)** CTR **
<lars.ruoff () alcatel-lucent com>
wrote:
Hi,
thanks to all who have contributed!
First of all, I'd like to say that I fully understand the point of the
TAP advocates.
But I should have added that most of my sniffing use cases are related
to network or application layer stuff (mostly VoIP) on low bandwidth links.
So with this in mind, I go 100% with the comment of Martin and think that
a port mirroring switch will do the job better for most of my needs.
(But I'm still looking forward to using a tap sometime)

As for another provocative question to throw into the arena, what's
the difference between this one...
http://www.networktapstore.com/10-100-1000-TAP.asp
($1,095.00! *yuck*)

...and that one:
http://hackadaycom.files.wordpress.com/2008/09/tap.jpg?w=450&h=291
;-)

or for some more details:

http://thnetos.wordpress.com/2008/02/22/create-a-passive-network-tap-for-your-home-network/
http://www.enigmacurry.com/category/diy/

What are the limits of the second type of "solution" in practice?

Another question, purely technical:
When using a tap, what's the sniffing process:
Sniff simultaneously on 2 NICs on same PC (2x dumpcap), then merge the
files with mergecap?

Any other hub/switch recommendations?

PS: I will add the info to the Wiki.

thanks,
regards,
Lars


-----Original Message-----
From: wireshark-users-bounces () wireshark org
[mailto:wireshark-users-bounces () wireshark org] On Behalf Of Guy
Harris
Sent: dimanche 11 avril 2010 22:00
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Looking for a portable sniffing-friendly hub/switch


On Apr 11, 2010, at 12:56 PM, Guy Harris wrote:

The right place might be

 http://wiki.wireshark.org/CaptureSetup/Ethernet

as it already has some information on this.

I've added a link to that from the front page, just as there's a link
to CaptureSetup/WLAN.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
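
The two-NIC workflow asked about in the thread (one capture file per direction of the tapped link, then a chronological merge, which is what `mergecap` does by default) can be tried offline. This is an added example, not part of the original thread; the helper names and sample frames are constructed, and it handles only little-endian, microsecond-resolution classic pcap.

```python
import heapq
import struct

PCAP_HDR = struct.Struct("<IHHiIII")  # classic pcap global header (24 bytes)
REC_HDR = struct.Struct("<IIII")      # ts_sec, ts_usec, incl_len, orig_len
MAGIC = 0xA1B2C3D4                    # microsecond-resolution pcap magic

def make_pcap(packets, linktype=1, snaplen=65535):
    """Build a classic pcap byte string from (ts_sec, ts_usec, frame) tuples."""
    out = [PCAP_HDR.pack(MAGIC, 2, 4, 0, 0, snaplen, linktype)]
    for sec, usec, frame in packets:
        out.append(REC_HDR.pack(sec, usec, len(frame), len(frame)) + frame)
    return b"".join(out)

def read_pcap(data):
    """Yield (ts_sec, ts_usec, frame) from a little-endian classic pcap."""
    magic = PCAP_HDR.unpack_from(data, 0)[0]
    if magic != MAGIC:
        raise ValueError("not a little-endian microsecond pcap")
    off = PCAP_HDR.size
    while off < len(data):
        if off + REC_HDR.size > len(data):
            raise ValueError("truncated record header")
        sec, usec, incl, _orig = REC_HDR.unpack_from(data, off)
        off += REC_HDR.size
        if off + incl > len(data):
            raise ValueError("truncated packet data")
        yield sec, usec, data[off:off + incl]
        off += incl

def merge_directions(cap_a, cap_b):
    """Interleave two per-direction captures by timestamp, tagging the source NIC."""
    a = ((s, u, "A", f) for s, u, f in read_pcap(cap_a))
    b = ((s, u, "B", f) for s, u, f in read_pcap(cap_b))
    # Both NICs sit in the same PC, so their timestamps share one clock.
    return list(heapq.merge(a, b, key=lambda r: (r[0], r[1])))

# Constructed sample: NIC A saw host A's transmissions, NIC B saw host B's.
# The payloads are placeholder bytes, not real Ethernet frames.
CAP_A = make_pcap([(100, 10, b"A->B req1"), (100, 500, b"A->B req2")])
CAP_B = make_pcap([(100, 250, b"B->A rsp1"), (100, 900, b"B->A rsp2")])

if __name__ == "__main__":
    for sec, usec, nic, frame in merge_directions(CAP_A, CAP_B):
        print(f"{sec}.{usec:06d} NIC {nic} {frame!r}")
```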

