Re: Small hardware network sniffer - quick solution?

[Petr.Kazil () eap nl]

I've improvised a solution that's both small, cheap and easy to implement.

At home I had a spare Speedtouch 546 ADSL modem, which I bought for 70 
euro or so.

Using telnet I accessed the command line interface and set it up like 
this:

1) Disable in-built DHCP server
2) Enable DHCP relaying and point it to our DHCP server
3) Enable port mirroring from port 1 to port 4

Now I'm running the modem as an Ethernet switch:
LAN is on port 1
MY PC is on port 3
SNIFFER is on port 4

It seems to work fine, all office-applications work (IE, Lotus Notes) and 
I can even run portscans through it.
Maybe it's blocking some traffic, but I haven't seen any obvious drops 
yet.

I'm no expert at this, so:

1) Anyone has any experience with abusing modems as programmable hubs?
2) Could I avoid pointing it to a specific DHCP server, so that it would 
become purely "plug&play"?
3) Could it be that the set-up is not as transparent as I think it is?

The manual for the command line can be found here:
http://www.speedtouch.nl/docs/CLIguide_5x6_527.pdf

Not all ADSL modems have this functionality.
My Netgear modem doesn't seem to have a command line interface.

Greetings, Petr


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------