LinuxQuestions.org - Installing a Network tap

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - Installing a Network tap (https://www.linuxquestions.org/questions/linux-networking-3/installing-a-network-tap-496887/)

Installing a Network tap

Hello All

I'd like to install a network tap on my network to monitor traffic. what package is best to perform this task? Is this the best way to install the tap?

firewall
Green interface --------> net tap -------> Router

thanks,

well a network tap is a hardware doohickey, not software, you would make up a special network adapter which contains multiple wires on the TX ports on a certain interface. if you want to do it in software then you can run an app like wireshark on either box if they are running linux of windows

Quote:

Originally Posted by acid_kewpie

Thanks, wireshark is what I use now. I know and read that it's hardware that can do it. I assumed that I can build a box and drop in 2 nics in it. One of the nics would be point a, and the other would be point b. You'd capture traffic between points a and b. There has to be some kind of software that would do this? In essence creating the tap, (network monitoring PORT). Network General has these boxes, I've seen them in production for upstream and downstream traffic. I'd like to build a linux version.

well that's a bridge. a tap is a 100% monitor only, at electrical signal level. if you install a box and just configure two nics with the kernel bridge module you'll basically have a 2 port switch. then you can just run wireshark against that single bridged interface, br0.