How to turn an old laptop into an ethernet sniffer

I had to investigate the network traffic of an ethernet-bound device. My plan was to visualize the data sent and received on my laptop using wireshark or similar tools.

Surpriningly this is quite simple: I ordered an USB-Ethernet Adapter, plugged it into my Linux Laptop. After that ifconfig did show a new ethernet device. Plug the the two adapters in between the cable you want to captutre the traffic on.

To enable the laptop to capture the pakets you have to configure a bridge, which can be done via this script:

#!/bin/sh

iface0=eth0
iface1=enx00e04c534458

ifconfig $iface0 -arp promisc 0.0.0.0 up
ifconfig $iface1 -arp promisc 0.0.0.0 up
brctl addbr br0
brctl addif br0 $iface0
brctl addif br0 $iface1
ifconfig br0 -arp promisc 0.0.0.0 up

iface0 is my builtin ethernet plug, iface1 the usb adapter. brctl needs bridge-utils to be installed on your system.

After executing the script wireshark can be started and all the traffic can be captured using the interface br0

IMG_20151121_165623

Inserted USB ethernet adapter

Advertisements
This entry was posted in Hardware, Linux. Bookmark the permalink.

One Response to How to turn an old laptop into an ethernet sniffer

  1. mateuszadamowski says:

    Just bought 2 of these. Both of them have identical MAC. The same one as yours 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s