Wireshark · Wireshark-users: Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch

Wireshark-users: Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch

From: "RUOFF, LARS (LARS)** CTR **" <lars.ruoff@xxxxxxxxxxxxxxxxxx>

Date: Mon, 12 Apr 2010 10:32:39 +0200

Hi,
thanks to all who have contributed!
First of all, i'd like to say that i fully understand the point of the TAP advocats.
But I should have added that most of my sniffing use cases are related to network or application layer stuff (mostly VoIP) on low bandwidth links.
So with this in mind, i go 100% with the comment of Martin and think that a port mirroring switch will do the job better for most of my needs.
(But i'm  still looking forward to use a tap sometime)

As for another provocative question to through into the arena, what's the difference between this one...
http://www.networktapstore.com/10-100-1000-TAP.asp
($1,095.00! *yuck*)

...and that one:
http://hackadaycom.files.wordpress.com/2008/09/tap.jpg?w=450&h=291
;-)

or for some more details:
http://thnetos.wordpress.com/2008/02/22/create-a-passive-network-tap-for-your-home-network/
http://www.enigmacurry.com/category/diy/

What are the limits of the second type of "solution" in practice?

Another question, purely technical:
When using a tap, what's the sniffing process:
Sniff simultaneously on 2 NICs on same PC (2x dumpcap), then merge the files with mergecap?

Any other hub/switch recommendations?

PS: I will add the info to the Wiki.

thanks,
regards,
Lars

> -----Original Message-----
> From: wireshark-users-bounces@xxxxxxxxxxxxx 
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Guy Harris
> Sent: dimanche 11 avril 2010 22:00
> To: Community support list for Wireshark
> Subject: Re: [Wireshark-users] Looking for a portable 
> sniffing-friendlyhub/switch
> 
> 
> On Apr 11, 2010, at 12:56 PM, Guy Harris wrote:
> 
> > The right place might be
> > 
> > 	http://wiki.wireshark.org/CaptureSetup/Ethernet
> > 
> > as it already has some information on this.
> 
> I've added a link to that from the front page, just as 
> there's a link to CaptureSetup/WLAN.
> ______________________________________________________________
> _____________
> Sent via:    Wireshark-users mailing list 
> <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>              
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>

Follow-Ups:
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Lee

References:
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Ian Schorr
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Alex Lindberg
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Oldcommguy - Tim
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Martin Visser
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Oldcommguy - Tim
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Jaap Keuter
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Guy Harris
- Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
  - From: Guy Harris

Prev by Date: Re: [Wireshark-users] strange ping behavior
Next by Date: [Wireshark-users] Time zone of the packet capture
Previous by thread: Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
Next by thread: Re: [Wireshark-users] Looking for a portable sniffing-friendlyhub/switch
Index(es):
- Date
- Thread