Ethereal-users: Re: [Ethereal-users] How can I capture all PPP Frames

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Markus Schaber <markus.schaber@xxxxxxxxxxxxxxxxxx>
Date: Fri, 04 May 2001 14:31:28 +0200
Hello,

"webmaster@xxxxxxxxxxx" wrote:

> i want to capture all PPP Frames of a PPP connection with my Linux box and
> Ethereal. The problem is that the interface ppp0 is dynamically available
> AFTER the connection setup phase. (There is no capture device before the
> connection was completly established) But I want those PPP frames from the
> connection setup phase (authentication etc.) to be captured too.

When your PPP connection goes out with a serial line (RS323), there's a
"hardware" solution: When the cable length is reasonably short, and you
use software handshaking, you can use a PC with two serial interfaces to
sniff the connection (you can also add a multi IO board to your "normal"
PC. Simply make an Y-cable that connects both data wires (send +
receive) each to one recieve pin of the sniffing machine. Then you can
read both directions. 

This doesn't solve the packet dissectoring problem, but you get the
data. A friend of mine used this setup to reverse-engineer a proprietary
protocol for some hardware he once used.

markus
-- 
Markus Schaber - http://www.schabi.de/

Heirate nie, um Deine Sorgen zu verscheuchen, 
denn dann hast Du eine Scheuche zu versorgen.