Menu
What's new
By:
Filters Better Search

Hub, Tap, or Spanning Port

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

J

jsciii

New Around Here
I'd like to insert a sniffer between my DSL modem and my home wifi router. Of course, I'd like to be able to take the sniffer out of service without interrupting the flow of data.

So, I'd say my choices are 1) insert a tap in the line between the modem and the router, 2) insert a switch that will allow me to configure a spanning port, or 3) insert a hub.

I can buy a used HP AdvanceNet hub for about $50 including shipping.

Is there a better (smaller, cheaper, more reliable, or easier to use) hub, spanning port, or tap I should be considering.

Jamie Campbell
 
Hi Jamie,
1. A real network tap of the sort you would need is quite an expensive item, they start around $500

2. Netgear makes a desktop switch that has some logic on it that is capable of doing port mirroring. They call this line the Pro-Safe Plus, as it's semi-managed, meaning there is a windows app that allows you to set up some big-switch type functions. The one I'm using is a GS105e, 5 ports, does a number of things including port mirroring. I paid around $50 bucks for it. I like it. It isn't a howling, fan-grinding monster like the pile of old Cisco gear I keep for my lab, and it lets me run Security Onion and catch most of my traffic, given that I run it behind my wireless router.

3. Hubs are done. Don't put one in your network.

4. Thinking about it, you might have some issues trying to run any device between your Gateway box and your ISP. i don't have any experience with trying it, but I can think of a couple of ways that might cause issues with your ISP. Have you considered flashing a router with an image that will allow you to run an IDS on the router itself?

Hope this is helpful

Best
Pic
 
Thanks, Pic,

Your reply started me looking at managed switches. I had no idea that they could be purchased on a home user's budget. The Netgear Pro-Safe Plus appears to have some neat features for just a few dollars more than the old HP.

I think that I will be OK with the switch between the ISP's modem and my gateway. Of course, I'll have to remember that the IPs won't have got through NAT yet. I like the idea of being outside the router so that I will be able to see attempts to compromise the router.

I've wanted to venture into intrusion detection for years, but it wasn't until I decided to replace my media center laptop with a ROKU (rather than pay to upgrade Windows XP) that I had a spare system to devote to the project. (And, of course, before I get a flood of messages, the NEXT time I get a spare PC, I'll make myself a Linux media center.)

Thanks again,

Jamie
 
You must log in or register to reply here.

Similar threads

SysXpl
USB Hub for Asus RT-AX88U?
Replies
16
Views
822
bennor
B
R
Provider gave me Sagecom Giga Hub FAST 5689E for Fibe 1.5 Gigabit - Am I still better off with AC68 or AC86 as a router?
Replies
16
Views
2K
coxhaus
C
K
Disable disk spin down by some id: serial number, partition label or UUID
Replies
1
Views
194
ksa
K
T
Router upgrade from VirginMedia Hub 3
Replies
7
Views
762
touchdownboy
T
G
TV 100Mbps ok behind router, but not behind switch
Replies
17
Views
464
sfx2000
sfx2000

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 942 (members: 23, guests: 919)
Top