Wanted: Network tracing "Swiss army knife"

A lot of my work involves network tracing (hence my recent wiki page), and it would be great if I could do this with a really simple, transportable device. Ideally it would have these characteristics:

  • Pocket-sized, lightweight
  • Two Gigabit Ethernet ports configured as a bridge, so that it can be placed inline on any network connection without affecting traffic flow.
  • LEDs for each interface indicating link, incoming packets, link speed, and ideally, duplex and POE settings.
  • Whenever one of the network interfaces becomes active, a packet capture of all traffic in libpcap format would be started automatically. The file would be named for the date and time of the start of the capture.
  • 1-2 GB RAM for storing packet captures
  • USB 2.0 interface, which would be used for retrieving packet captures from the device (which would appear as a USB flash disk)
  • NTP support so that packet captures are always accurately timed and named
  • Powered via USB or a rechargeable battery (which itself would be charged via USB)

Some nice to have features:

  • DHCP client which records results in a separate file alongside packet captures
  • Linux distribution bootable via USB
  • Other suggestions gratefully received! 🙂
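
The bridge and automatic-capture items above can be prototyped on any small Linux box with two NICs. The script below is an added sketch, not part of the original post; the interface names, the `br0` bridge name, the `/var/captures` directory and the colon-free timestamp format (chosen so the files survive a FAT-formatted USB disk) are all assumptions.

```shell
#!/bin/sh
# Added example: transparent bridge plus capture-on-link-up.
# SYSFS, CAPDIR and BRIDGE are assumed defaults; override via environment.
SYSFS="${SYSFS:-/sys/class/net}"
CAPDIR="${CAPDIR:-/var/captures}"
BRIDGE="${BRIDGE:-br0}"

# capture_name EPOCH: file name from the capture start time (UTC, GNU date).
capture_name() {
    date -u -d "@$1" +"%Y-%m-%dT%H-%M-%SZ.pcap"
}

# link_up IFACE: succeeds when the kernel reports carrier on the port.
# The carrier file is unreadable while the port is administratively down.
link_up() {
    [ "$(cat "$SYSFS/$1/carrier" 2>/dev/null)" = "1" ]
}

# any_link_up IFACE...: succeeds if at least one port has carrier.
any_link_up() {
    for _i in "$@"; do link_up "$_i" && return 0; done
    return 1
}

# setup_bridge IF1 IF2: layer-2 bridge with no IP address, so the box
# stays invisible to the hosts on either side.
setup_bridge() {
    ip link add name "$BRIDGE" type bridge
    for _i in "$@"; do
        ip link set dev "$_i" master "$BRIDGE"
        ip link set dev "$_i" up
    done
    ip link set dev "$BRIDGE" up
}

# watch_and_capture IF1 IF2: start tcpdump on first link-up, stop it
# once both ports are down, so each connection gets its own file.
watch_and_capture() {
    _pid=""
    while sleep 1; do
        if any_link_up "$@"; then
            [ -n "$_pid" ] && continue
            tcpdump -i "$BRIDGE" -s 0 -U -w "$CAPDIR/$(capture_name "$(date +%s)")" &
            _pid=$!
        elif [ -n "$_pid" ]; then
            kill "$_pid"; wait "$_pid" 2>/dev/null; _pid=""
        fi
    done
}

# Privileged part runs only when invoked as: script run eth0 eth1
if [ "${1:-}" = "run" ]; then
    shift; mkdir -p "$CAPDIR"; setup_bridge "$@"; watch_and_capture "$@"
fi
```

The file names are only as accurate as the system clock, which is why the NTP item matters: a device with no clock source will stamp every capture from its boot-time default.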


Source: libertysys.com.au
