Building a one-way ethernet cable

A Sans student of mine wrote to me wondering how to set up a one-way ethernet cable. The one way cable is very useful for any device that only needs to sniff traffic.

Here are the url's I've found for building a one-way cable, in no particular order. I don't personally like the "insert a capacitor" or detune the transmit pair by untwisting it" approaches; I tend to like the "take the strands that connect to the recieve pair on the switch, pull them out of the bundle, and plug them into the transmit pair on the next port on the switch" approach (see the note from Rob after the URL's).

One suggestion on the honeypots mailing list:

From: "Rob" 
To: "Honeypots" 
Subject: One Way Cable
Date: Tue, 20 Nov 2001 23:05:01 -0500

Just in case anyone is interested.

Pin outs.  They are reversed in the picture in order to prevent lines from
crossing, and I only included the pins used.

HUB PORT 1              HUB PORT 2
----------              ----------
x x r r                 r r x x
6 3 2 1                 1 2 3 6
| | | |			    | |
| | | ----------------------  |
| | --------------------------
| |
| |
| |
| |
6 3 2 1
r r x x
-------
SNIFFER

x = xmit
r = rcv

Again,  I've only seen this work on netgear single speed hub (both 100 and
10).  Let me know if you have any problems.  I drew this diagram from the
noggin.  You could make it a single cable by adding a battery to simulate
the voltage from the xmit cables on the nic, but batteries die.

Rob

William is an Open-Source developer, enthusiast, and advocate from New Hampshire, USA. His day job at SANS pays him to work on network security and Linux projects.

Last updated 4/8/2004.