[ale] Wireshark newbie-Q: Promiscous capture
John Mills
johnmills at speakeasy.net
Tue Apr 28 20:56:39 EDT 2009
All -
Thanks for the comments. I actually have two consumer-grade Ethernet
junctions: one (Fry's no-name) calls itself a switch, the other (Netgear)
calls itself a hub. I think I tried all the configurations, but maybe not.
I'll have another run at it.
Screening with 'tcpdump' to see what traffic is visible at the port is an
excellent idea. Then I would know if the problem is filtering or topology.
I many come back with more questions.
- Mills
On Tue, 28 Apr 2009, Chris Fowler wrote:
> On Tue, 28 Apr 2009 18:10:17 -0400
> Robert Coggins <ale at cogginsnet.com> wrote:
>> If you are on a switch you may not be able to capture the packets for
>> other IPs. You need a hub. Unless I am missing something else
>> here...
> Correct. If you want to do this on a switch then you need a switch
> that will mirror ports for the purpose of sniffing. Cisco is one such
> example.
More information about the Ale
mailing list