Wireshark-users: Re: [Wireshark-users] Capture packet from remote device

From: "Gopalakrishnan A.N" <saigop@xxxxxxxxx>
Date: Wed, 15 Sep 2010 23:31:30 +0530
Through hub I am able to capture the traffic of two devices in the same network.

On Thu, Sep 9, 2010 at 9:17 PM, Saulpaugh, Chris <Chris.Saulpaugh@xxxxxxxxxxxxx> wrote:
Check this URL for a low cost switch used for port mirroring.

http://www.dual-comm.com/OnlineShop.htm

Model DCGS-2005 (Gb) or DCSW-1005 (100 Mb)

Or

http://www.netgear.com/products/business/switches/prosafe-plus-switches/gs105e.aspx

Note: Feedback online suggests getting the Dual-Comm unit instead of the NetGear as the NetGear has some quirks regarding configuration setup that can impact port mirroring effectiveness.

Cheers,
Chris
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Pedro Tumusok
Sent: Thursday, September 09, 2010 8:27 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Capture packet from remote device

Hi,

If you read the link, you will see that you need either more equipment or read up on doing MITMA or Macflooding.
My suggestion is to get a switch that actually supports Monitor/SPAN, its the easiest way to do the job and get a quite good result.
How to then setup the switch, depends on the switch you use.

Best Regards
Pedro Tumusok

On Thu, Sep 9, 2010 at 5:11 PM, Gopalakrishnan A.N <saigop@xxxxxxxxx> wrote:
> Ok, so I can capture a traffic of Host B from Host A in a same network
> connected with switch by viewing the diagram in the provided link.
>
> Can you please let me know how to do this...like do I need to give the
> Host B MAC address or IP address in Host A or any thing else...
>
>
>
> On Thu, Sep 9, 2010 at 8:24 PM, Stephen Fisher
> <steve@xxxxxxxxxxxxxxxxxx>
> wrote:
>>
>> On Thu, Sep 09, 2010 at 06:09:08PM +0530, Gopalakrishnan A.N wrote:
>>
>> > The traffic flows between SPA3102 and other SPA3102 and my computer
>> > is in the same network... from my computer's wireshark is it
>> > possible to capture the packets of both the SPA3102 device which is
>> > in the same network.
>>
>> Generally, no, because switches do not flood unneeded traffic (that
>> which is not destined for the machine on that port) out all ports
>> like a hub does.  This page should be of help to you:
>>
>>        http://wiki.wireshark.org/CaptureSetup/Ethernet
>>
>> Along with the main capture setup page:
>>
>>        http://wiki.wireshark.org/CaptureSetup
>>
>>
>> _____________________________________________________________________
>> ______ Sent via:    Wireshark-users mailing list
>> <wireshark-users@xxxxxxxxxxxxx>
>> Archives:    http://www.wireshark.org/lists/wireshark-users
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>>
>> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>
> --
> Thank you  with regards,
> Gopalakrishnan A.N,
>
>
>
> ______________________________________________________________________
> _____ Sent via:    Wireshark-users mailing list
> <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>            
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>



--
Best regards / Mvh
Jan Pedro Tumusok

I know you love me
And you want to be Friends
And if you dont
at least you need to pretend
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe



--
Thank you  with regards,
Gopalakrishnan A.N,