Re: Capture packet from remote device

["Saulpaugh, Chris" <Chris.Saulpaugh () sdsheriff org>]

Check this URL for a low cost switch used for port mirroring.

http://www.dual-comm.com/OnlineShop.htm 

Model DCGS-2005 (Gb) or DCSW-1005 (100 Mb)

Or

http://www.netgear.com/products/business/switches/prosafe-plus-switches/gs105e.aspx 

Note: Feedback online suggests getting the Dual-Comm unit instead of the NetGear as the NetGear has some quirks 
regarding configuration setup that can impact port mirroring effectiveness.

Cheers,
Chris
-----Original Message-----
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Pedro 
Tumusok
Sent: Thursday, September 09, 2010 8:27 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Capture packet from remote device

Hi,

If you read the link, you will see that you need either more equipment or read up on doing MITMA or Macflooding.
My suggestion is to get a switch that actually supports Monitor/SPAN, its the easiest way to do the job and get a quite 
good result.
How to then setup the switch, depends on the switch you use.

Best Regards
Pedro Tumusok

On Thu, Sep 9, 2010 at 5:11 PM, Gopalakrishnan A.N <saigop () gmail com> wrote:
> Ok, so I can capture a traffic of Host B from Host A in a same network 
> connected with switch by viewing the diagram in the provided link.
>
> Can you please let me know how to do this...like do I need to give the 
> Host B MAC address or IP address in Host A or any thing else...
>
>
>
> On Thu, Sep 9, 2010 at 8:24 PM, Stephen Fisher 
> <steve () stephen-fisher com>
> wrote:
> > On Thu, Sep 09, 2010 at 06:09:08PM +0530, Gopalakrishnan A.N wrote:
> >
> > > The traffic flows between SPA3102 and other SPA3102 and my computer 
> > > is in the same network... from my computer's wireshark is it 
> > > possible to capture the packets of both the SPA3102 device which is 
> > > in the same network.
> >
> > Generally, no, because switches do not flood unneeded traffic (that 
> > which is not destined for the machine on that port) out all ports 
> > like a hub does.  This page should be of help to you:
> >
> >        http://wiki.wireshark.org/CaptureSetup/Ethernet
> >
> > Along with the main capture setup page:
> >
> >        http://wiki.wireshark.org/CaptureSetup
> >
> >
> > _____________________________________________________________________
> > ______ Sent via:    Wireshark-users mailing list 
> > <wireshark-users () wireshark org>
> > Archives:    http://www.wireshark.org/lists/wireshark-users
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> >
> > mailto:wireshark-users-request () wireshark org?subject=unsubscribe
>
>
>
> --
> Thank you  with regards,
> Gopalakrishnan A.N,
>
>
>
> ______________________________________________________________________
> _____ Sent via:    Wireshark-users mailing list 
> <wireshark-users () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             
> mailto:wireshark-users-request () wireshark org?subject=unsubscribe



--
Best regards / Mvh
Jan Pedro Tumusok

I know you love me
And you want to be Friends
And if you dont
at least you need to pretend
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe