Re: [fw-wiz] Sniffing DSL Connection

From: Crispin Cowan (crispin_at_immunix.com)
Date: 09/15/03

  • Next message: Mike Cain: "RE: Router Internet Monitoring [bcc][faked-from]" 
    To: Chuck Swiger <chuck@codefab.com>
Date: Sun, 14 Sep 2003 17:58:44 -0700

    Chuck Swiger wrote:

    > Jeff_Lopes@groove.net wrote:
    >
    >> DSL Modem ---> Hub ---> Linksys Router ---> Internal Machines
    >>
    >> I then put a Linux machine on the hub and ran ethereal. No traffic!
    >
    > Do you have a real IP address from the DSL modem, or does your Linksys
    > do PPPOE? If it's the latter, all of the IP traffic is being
    > encapsulated within PPP-- ethereal should still see the traffic, but
    > trying to match by IP addr will fail.

    Or, your "hub" isn't really a hub. I've encountered a recent phenomena
    where network equipment vendors are selling small devices marked as
    "hubs" that are really switches. For most purposes this doesn't matter,
    and in fact is just a free upgrade. But if you're trying to use the hub
    as a network monitoring tap, you're SOL.

    Test: put the hub on some other network that you *know* is carrying
    normal IP traffic and see if you see anything.

    Crispin 

    -- 
Crispin Cowan, Ph.D.           http://immunix.com/~crispin/
Chief Scientist, Immunix       http://immunix.com
            http://www.immunix.com/shop/
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Mike Cain: "RE: Router Internet Monitoring [bcc][faked-from]"

    Relevant Pages

    • Re: Backup to USB works but to NAS fails
      ... On windows it's a setting in the network card settings and usually ... On a HUB ALL data is transmitted to ALL ports. ... cards are 'paralel tasking' and perform the MAC inspection at the card. ... One switch is not the same as the next.. ...
      (microsoft.public.windows.server.sbs)
    • Re: Backup to USB works but to NAS fails
      ... On windows it's a setting in the network card settings and usually ... On a HUB ALL data is transmitted to ALL ports. ... Getting this up to 100Mb/s lan speed (either back-to-back or upgrade ... One switch is not the same as the next.. ...
      (microsoft.public.windows.server.sbs)
    • smallest possible network, was Re: VOIP with a linksys PAP2
      ... > ethernet port) and the VOIP device both into the hub. ... Insert the other of the RJ-45 cable to a network hub, switch, ... Connect the power adapter plug to the WL-330g DC-IN socket. ... Connect the network hub, switch, or router power adapter plug to ...
      (Fedora)
    • Re: use ipchains to block all ports > 60,000
      ... Now what version of ssh is ... Put the suggested hub between the box and the internet, ... >> By temporarily breaking the network connection and inserting a hub ... evidence of users you know not of appearing on ...
      (comp.os.linux.security)
    • Re: Printer Sharing XP Home w/ SP2
      ... network router from Linksys or Netgear costs less than $50. ... If there's a hub in place that's providing shared internet access ...
      (microsoft.public.windowsxp.network_web)