How I can monitor Ethernet's packets through a "null modem of ethernet interface" or connection direct (in a serial port RS232 or USB) with WireShark. asked 08 Feb '12, 16:49  Walter edited 28 Feb '12, 19:49  cmaynard ♦♦ |
One Answer:
Well, to do it with an RS-232 device, the first step would be to get an RS-232 serial port that runs at the same speed as your Ethernet. That's not likely to happen - I know of no RS-232 ports that can run at 10 megabits/second, much less the speed of modern Ethernets - so, unless the Ethernet has next to no traffic on it, even if somebody were to make a device that transfers Ethernet packets over an RS-232 interface, it wouldn't be able to capture most of the traffic on the Ethernet. To do it with a USB device, get a USB Ethernet interface, plug it into the Ethernet in question, and capture on that interface. This is no different from capturing on any other type of Ethernet interface; see the Wireshark Wiki page on Ethernet traffic capture for information, including information about capturing on switched networks (which is more difficult than capturing on non-switched networks). answered 08 Feb '12, 20:29  Guy Harris ♦♦ |
