Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
ZWEKNU
The following table lists the pinouts (for reference purposes): Ethernet AUI Pinouts Pin Ethernet Circuit Signal 3 10 DO-A DO-B Data Out Circuit A Data Out Circuit B
1/3
forum.ouah.org/zweknu.htm
3/3/13
ZWEKNU
11 5 12 4 2 9 1 6 13 14
Data Out Circuit Shield Data In Circuit A Data In Circuit B Data In Circuit Shield Control In Circuit A Control In Circuit B Control In Circuit Shield Voltage Common Voltage Plus Voltage Shield (L25 and M25) Protective Ground
Shell PG
Clearly, we're interested in removing the ability of the NIC to Tx and thus give away our presence. Therefore, we need to cut the Data Out lines, pins 3 and 10. That's it. All this buildup for cutting two pins on the transceiver. Hopefully you learned something in the process. Now toss your box on a network, fire up t c p d u m pand have fun. If you have any other methods, I'd love to hear about them. Send me email. PostScript: I've gotten mail from people with some confusion regarding the difference between the NIC and the AUI transceiver itself. This method will not damage the NIC. If it does, you're doing something very wrong. The AUI transceiver is the little box that plugs into the AUI port on your NIC on one side and onto the network (10BaseT/10Base2/etc) on the other. This is the deal that we're hacking up for our Rx-only transceiver, not, I repeat not the NIC itself. Here's a [out of focus, cheapass SunCam] pic of the one that I used. Yours will probably look similar.
PostPostScript: Robert Graham < robert_david_graham@yahoo.com > has come up with a mechanism for 10BaseT Rx-only. Why I personally prefer the AUI approach because once you cut the pins, you're guaranteed
forum.ouah.org/zweknu.htm 2/3
3/3/13
ZWEKNU
not to be transmitting, sometimes all you have is 10BaseT. Check out http://www.robertgraham.com/pubs/sniffing-faq.html. Down towards the middle are some instructions for munging up a 10BaseT bad enough that it hopefully won't work for data but will continue to carry the linkbeat. PPPS: Orlan Franks, III <mailto:orlan@eskimo.tamu.edu> has another good idea: simply take two AUI transceivers, put them back-to-back (with a dual-female AUI cable between them). The following diagram illustrates:
w o r l d-T P / A U I= = = = = =A U I / T P-s n i f f e r x c e i v r x c e i v r
Now simply clip the appropriate pins between the two. In fact, as he points out, you could even use a switch on the cable to switch between Tx/Rx and Rx-only. This is probably the best one yet. You have a bulky cable when you're done, but now you can use a 10BaseT-only card to sniff. PPPPS: It's worth mentioning that another fine solution is simply to run a sniffer that doesn't have a network stack. You can get these for DOS. If there is no network stack, this is entirely undetectable. Of course, that's not real cool if all your protocol analysis runs under t c p d u m por you simply don't want to install DOS.
forum.ouah.org/zweknu.htm
3/3