The Interceptor is a way to listen in to network traffic as it flows past.
The Interceptor does away with the wired monitor port and instead spits out the traffic over wireless meaning the listener can be anywhere they can make a wireless connection to the device. As the data is encrypted (actually, double encrypted, see how it works) the person placing the tap doesn’t have to worry about unauthorized users seeing the traffic.
Here are some possible situations for use:
- Penetration testing – If you can gain physical access to a targets office drop the device between the office printer and switch then sit in the carpark and collect a copy of all documents printed. Or, get an appointment to see a boss and when he leaves the room to get you a drink, drop it on his computer. The relative low cost of the Fon+ means the device can almost be considered disposable and if branded with the right stickers most users wouldn’t think about an extra small box on the network.
- Troubleshooting – For sys-admins who want to monitor an area of network from the comfort of their desks, just put it in place and fire up your wireless.
- IDS – If you want to see what traffic is being generated from a PC without interfering with the PC simply add the Interceptor and sit back and watch. As the traffic is cloned to a virtual interface on your monitoring machine you can use any existing tools to scan the data.
The Interceptor 1.0 | |
Platform: | Linux |
Last update: | 18 March 2009 |
Developer: | Robin Wood |
File type: | .tar.bz2 |
File size: | 33 Kb |
License: | Creative Commons |
Categories: | Analyzers Monitoring Networking Wireless |
Downloads: | 36 |