Re: Home-made ethernet TAP

[Frank Knobbe <frank () knobbe us>]

On Mon, 2003-08-18 at 23:42, Ryan B. Lynch wrote:
> So here's the question:  this took me ~20 minutes and $10 worth of parts 
> to gin up.  Why the heck do ethernet TAPs cost $400 and up?  I've STFW'd 
> and asked everyone I know who works with Ethernet, but no-one had ever 
> heard of a working homebrew TAP like this.  Am I just using the wrong 
> keywords?

Must be. Some time ago I played with a cable which ended up in the Snort
FAQ as the Read-only cable. There is a similar RO cable with a capacitor
inline (to scramble the send signal) on the Internet. AUI connectors
with the send line cut is another. I also made a cable that split into
two pairs, one for each direction (like your cable). The drawback is
that you would need to combine the traffic flow. Using two NICs like you
have would work, using a buffered switch might be another approach. A
hub might work is the sniffing piece is forced into half-duplex mode
since otherwise the collisions will "eat away packets".

People have been toying with cables and taps like this for a while. But
you are right. This can be done for $20. Why pay $400 for a professional
tap? Some reasons may be liability, warranty and support.

I don't know. I had great success with an RO cable and a cheap $20 hub
(as the tap). Perhaps I should open the hub, scratch some layers on the
pcb away and resell it as a tap.... hmmm... let me think about this...!
:)

Cheers,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part