Wireshark mailing list archives
Re: Looking for a portable sniffing-friendlyhub/switch
From: Kok-Yong Tan <ktan () realityartisans com>
Date: Mon, 12 Apr 2010 16:15:25 -0400
The differing number of twists per inch in each pair of wires (which is why each pair always reads different lengths when you apply something like a Fluke meter to the 4-pair cable) is what gives data- grade cables its basic resistance to RF interference for unshielded twisted pair (the shield provides additional protection for shielded twisted pair). If you untwist them beyond the 0.5" at the ends allowed by specifications, you're basically removing all such resistance to RF interference and introducing additional issues such as retransmissions, etc., that would skew your readings. On Apr 12, 2010, at 15:52, Oldcommguy - Tim wrote:
The DIY tap actually works....depending on how well one follows directions. For VoIP with a SPAN port , please remember, there will not be any jitter and loss frames for your analysis. Other than that it is all about connections, setup,,,etc. Another DIY - http://www.instructables.com/id/Make-a-Passive- Network-Tap/ Good Sniffing..... -----Original Message----- From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Lee Sent: Monday, April 12, 2010 3:00 PM To: Community support list for Wireshark Subject: Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch One difference between the $1K tap and the DIY version might be that the expensive one will work wherever you put it in your network. The DIY version instructions to Strip the cat 5 cable and untwist all the individual wires. I believe makes it not cat 5 any more. It's probably still good enough for it's intended purpose - ie. at home & cheap - but maybe not such a great idea to use on a critical link at work. (which isn't going to stop me from trying to make one myself :) Thanks for the link to the DIY taps - I hadn't seen those before. Regards, Lee On 4/12/10, RUOFF, LARS (LARS)** CTR ** <lars.ruoff@alcatel- lucent.com> wrote:Hi, thanks to all who have contributed! First of all, i'd like to say that i fully understand the point of the TAP advocats. But I should have added that most of my sniffing use cases are related to network or application layer stuff (mostly VoIP) on low bandwidth links. So with this in mind, i go 100% with the comment of Martin and think thataport mirroring switch will do the job better for most of my needs. (But i'm still looking forward to use a tap sometime) As for another provocative question to through into the arena, what's the difference between this one... http://www.networktapstore.com/10-100-1000-TAP.asp ($1,095.00! *yuck*) ...and that one: http://hackadaycom.files.wordpress.com/2008/09/tap.jpg?w=450&h=291 ;-) or for some more details:http://thnetos.wordpress.com/2008/02/22/create-a-passive-network- tap-for-you r-home-network/http://www.enigmacurry.com/category/diy/ What are the limits of the second type of "solution" in practice? Another question, purely technical: When using a tap, what's the sniffing process: Sniff simultaneously on 2 NICs on same PC (2x dumpcap), then merge thefileswith mergecap? Any other hub/switch recommendations? PS: I will add the info to the Wiki. thanks, regards, Lars-----Original Message----- From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Guy Harris Sent: dimanche 11 avril 2010 22:00 To: Community support list for Wireshark Subject: Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch On Apr 11, 2010, at 12:56 PM, Guy Harris wrote:The right place might be http://wiki.wireshark.org/CaptureSetup/Ethernet as it already has some information on this.I've added a link to that from the front page, just as there's a link to CaptureSetup/WLAN.
-- Reality Artisans, Inc. # Network Wrangling and Delousing P.O. Box 565, Gracie Station # Apple Certified Consultant New York, NY 10028-0019 # Apple Consultants Network member <http://www.realityartisans.com> # Apple Developer Connection member (212) 369-4876 (Voice) # My PGP public key can be found at <https://keyserver.pgp.com> ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Looking for a portable sniffing-friendlyhub/switch, (continued)
- Re: Looking for a portable sniffing-friendlyhub/switch Oldcommguy - Tim (Apr 09)
- Re: Looking for a portable sniffing-friendlyhub/switch Martin Visser (Apr 09)
- Re: Looking for a portable sniffing-friendlyhub/switch Oldcommguy - Tim (Apr 10)
- Re: Looking for a portable sniffing-friendlyhub/switch Lee (Apr 10)
- Re: Looking for a portable sniffing-friendlyhub/switch Jaap Keuter (Apr 10)
- Re: Looking for a portable sniffing-friendlyhub/switch Guy Harris (Apr 11)
- Re: Looking for a portable sniffing-friendlyhub/switch Guy Harris (Apr 11)
- Re: Looking for a portable sniffing-friendlyhub/switch RUOFF, LARS (LARS)** CTR ** (Apr 12)
- Re: Looking for a portable sniffing-friendlyhub/switch Lee (Apr 12)
- Re: Looking for a portable sniffing-friendlyhub/switch Oldcommguy - Tim (Apr 12)
- Re: Looking for a portable sniffing-friendlyhub/switch Kok-Yong Tan (Apr 12)
- Re: Looking for a portable sniffing-friendlyhub/switch Lee (Apr 12)
- Re: Looking for a portable sniffing-friendlyhub/switch RUOFF, LARS (LARS)** CTR ** (Apr 14)
- Re: Looking for a portable sniffing-friendlyhub/switch dan meyer (Apr 14)
- Re: Looking for a portable sniffing-friendly hub/switch Oldcommguy - Tim (Apr 09)
- Re: Looking for a portable sniffing-friendly hub/switch Jake Peavy (Apr 09)
- Re: Looking for a portable sniffing-friendly hub/switch Alex Lindberg (Apr 09)