next up previous
Next: Fundamentals Up: Receive-only UTP cables and Previous: Receive-only UTP cables and

Introduction

A sniffer can be an excellent tool to understand and fix problems in network traffic, although one may also be used by an attacker to steal critical information.

The widespread use of NIDS (Network Intrusion Detection Systems) from the mid-1990s onwards, and the popularity of Honeynets in the last few years have increased the importance of sniffer user. Nowadays, these tools play an increasingly important role in network security.

Receive-only (or uni-directional) UTP (Unshielded Twisted Pair) cables are standard (RJ45) cables manually modified to allow only the data-receive signal. Therefore, communication capabilities are modified at the physical layer and for this reason are very effective. Further, this solution is very cheap and simple to build, and since it does not interfere with traffic, it has no impact on network performance.

In this article I will explain how to build these cables in a few easy steps and also discuss Network Taps.


next up previous
Next: Fundamentals Up: Receive-only UTP cables and Previous: Receive-only UTP cables and
Diego González Gómez
dggomez (at) users.sourceforge.net
2004-07-05