Jun 8th 2017
Know How... 317
Networking 102 - Part 5: Taps
Why, where and how to tap your network and monitor traffic!
We go over the basics of how to monitor traffic on your network using taps and Wireshark!
Let's Talk Taps!
midBit Technologies: SharkTap Gigabit Ethernet Sniffer
* PoE Passthrough
* 350mA draw at 5volts (USB Powered)
* Auto-MDIX
* Aggregates both sides of the conversation to the receive port on the tap
-- (This DOES mean that if the total aggregate bandwidth exceeds 1Gbps, packets will drop
* Drops any packets going into the Tap port
Step 1: Get a Tapping device
* Gig, 10/100, aggregating, tap, hub, SPAN/Mirror port
* See episode 63 of “Know How”
* Padre prefers the Netoptics Gig Zero Delay Tap – But that runs $700-$1000 USED!
* A much more affordable option is the “Throwing Star LAN Tap Pro” from the HakShop - $39.99
* But my new AFFORDABLE favorite is the SharkTap
Step 2: Get a device capable of receiving the tap data stream
* Anything with a WIRED port that is capable of receiving the full speed of your chosen tap
* USB adapters are fine, but remember that USB 2.0 devices top out at 480Mbps. If you’re using a Gig tap, you’ll drop traffic once the pipe is less than half full.
Step 3: Get Wireshark (www.wireshark.org)
* Mac/PC/Linux – 32/64bit – Choose the version that is right for you.
Step 4: Choose where to place your tap
* The tap will capture the traffic going between the two devices on either side of the tap.
* Tapping the Externals will give you ALL devices on your network.
* Tapping the Wireless AP will give you ONLY the devices connected wirelessly
* Tapping a specific desktop/laptop/set-top box will give you ONLY that traffic
Connect with us!
- Don't forget to check out our large library of projects at https://twit.tv/shows/know-how.
- Join our Google+ Community.
- Tweet at us at @PadreSJ, @Cranky_Hippo, and @Anelf3.
Thanks to CacheFly for the bandwidth for this show.