This post is showing how to create a passive ethernet tab using only an ethernet cable and four RJ-45; it is not about creating a good passive ethernet tap, or even to explain what it is, that has already been explained better by others, the result will be ugly, not optimal… but hey, it works!.
Passive ethernet taps will enable you to sniff traffic off a wired network without being noticed for whatever reason you might have, that could be implementing an IDS, traffic monitoring, network forensics or simply spying on others 🙂 google it if you want to know more.
Introduction
I’ll be as simple as possible:
- ethernet cables have 8 wires “4 pairs” numbered from 1 to 8.
- Computers send on “1-2 the Orange pair” and receive on “3-6 Green pair”.
- Switches works the other way around “receives on 1-2” and “send on 3-6”.
SO, If a cable is used to connect a computer with a switch, to sniff the traffic I need a copy of “1-2” and another copy of “3-6”
Process in a glance:
- cut the ethernet cable to “4” cables
- in the “TAP” cables, LEAVE ONLY THE GREEN PAIR!!!
- The passive tap has FOUR elements “so to speak”, one will plug in the computer, one will plug in the switch (so we may have a connection) , then we will have two plugs each will carry the one-way-communications from the computer and the switch.
- Since we will only “receive” communications on the TAP elements using a computer, we will leave “3-6 the green pair” only.
- Connect the computer cable and the switch cable together as normal “each color to the matching color”, I will call this cable “the one connecting the switch and the computer” the “connection cable”….
- Now to the trick,
- connect one of the TAP elements’ green pair to the green pair of the “connection cable” (green solid TO green solid & green dashed TO green dashed)
- connect the other TAP elements’ green pair to the orange pair of the “connection cable” (green solid TO orange solid & green dashed TO orange dashed)
Congratulations, you have a passive ethernet tap that costs almost nothing!
P.S: I had to do this in less than five minutes in a situation where I had no other choice 🙂