Construction and Use of a Passive Ethernet Tap article provides straightforward instructions on how to construct and use a passive Ethernet tap. It allows you to monitor Ethernet traffic on with any hub or switch and any operating system. A passive Ethernet tap is useful when installing an intrusion detection system (IDS) sensor or when snooping Ethernet traffic. I have used this passive Ethernet Tap for successfully monitoring 10 Mbit/s and 100 Mbit/s Ethernet traffic.
This circuit is a widely used hack. It is a hack in a sense that it is not technically up to the specifications an Ethernet device should need, but it is simple and works pretty well in most cases. The simple construction method used in this circuit creates impedance mismatches to the communications line, which are not good for the communications. But because Ethernet is pretty robust technology this “not so good” system works well enough when we are not using the Ethernet up to it’s extreme limits. The Ethernet communications is designed to work up to 100 meters cable length when properly wired. When you use considerably shorter cables, there is more room for different kind of imperfections on the communications line, for example imperfections like this passive tap. When I have kept the main communications line cables less than 10 meters in length and the tap cables 2-3 meters long everything has worked well.







