Ethernet Sniffing Embeded Device I recently dug out some prototyping equipment from the trash and I want out figure out what the heck it is. It has a port labelled 'Ethernet' and when I plug it into a router the light...--prophetes.ai

Ethernet Sniffing Embeded Device I recently dug out some prototyping equipment from the trash and I want out figure out what the heck it is. It has a port labelled 'Ethernet' and when I plug it into a router the lights flash like its trying to pull an ip but it does not. My router is running DD-Wrt and I have a netbook with Knoppix I can use on the router. How could I go about sniffing the communication and figure out what IP the device wants and how to communicate with it?

Perhaps the easiest way is to use your netbook - just because you don't have to filter out unrelated traffic later. You can use `tcpdump` to dump all traffic on your ethernet device. After starting up `tcpdump` you connect your equipment. After nothing flashes any more you disconnect it and you can look at the dump with `wireshark`. The dump should contain ARP/dhcp etc. related traffic that originates from the trashed equipment.

For example as root:

# ifconfig
(to checkout which ethernet device to capture)
# tcpdump -ieth0 -w my.dump -s0
Ctrl+C or Ctrl+\ after some time

As normal user under X11:

$ wireshark my.dump