Capture ethernet and wifi traffic

How to capture ethernet and 802.11 traffic at once. Use a Linux PC with a wlan interface. In a terminal, use the following commands:
sudo iw dev wlan0 interface add mon0 type monitor
sudo ifconfig mon0 up
Start Wireshark and select wlan0 and mon0 to capture traffic. If needed you can add a capture […]

Packet Capture Cisco Router

Configure an ACL with the addresses/subnets you want to capture, i.e.
ip access-list extended BUF-FILTER
permit ip host <HOST-1> host <HOST-2>
permit ip host <HOST-2> host <HOST-1>
Create a buffer with total size and packet size:
monitor capture buffer BUFFER size 2048 max-size 1518 linear
Associate the ACL with BUFFER:
monitor capture buffer BUFFER filter access-list BUF-FILTER […]

Filter Tap

Turn your PC (Linux OS) with multiple interfaces into a filtered tap. Connect your PC's eth0 to a span/monitor port on your switch. Connect a Sniffer, APM, IDM or IPS to eth1, eth2 and/or eth3.
1. Set eth0 to promiscuous mode:
ifconfig eth0 promisc
2. Set eth0 to accept data:
tc qdisc add dev eth0 ingress
3.a. […]

WAN in the box

Turn your PC into a WAN simulator. To add a delay of 100 msec:
tc qdisc add dev eth0 root netem delay 100ms
Note, this is a one-way delay in the outbound direction. To add a delay in the inbound direction:
modprobe ifb
ip link set dev ifb0 up
tc qdisc add dev eth0 […]
