manualshive.com logo in svg

CRU 31030-1577-0000, User Manual

Share
Download
CRU 31030-1577-0000 User Manual Download Page 7

7

Protecting Your Digital Assets

TM

Ditto Network Tap Module User Manual

3.3.2 Live Capture Settings

When enabled, this service runs continuously in the background and streams captured data in realtime 
over the network to a remote monitor using the third-party Wireshark network protocol analyzer. See 
Section 4.1.1 for more information.

• 

Auto Start:

 Set this value to ‘Enabled’ to turn on live capture as soon as the Network Tap Module 

is powered on. Set this value to ‘Disabled’ if you want the user to choose when to start the live 
capture service in the Browser Interface.

• 

Port:

 This is the port that the Network Tap Module uses to talk to the third-party network protocol 

analyzer software. The default port is 2002.

• 

Username:

 The username used by the third-party network protocol analyzer software. 

• 

Password: 

The password used by the third-party network protocol analyzer software. 

3.3.3 Advanced Settings

• 

Buffer Size:

 Sets the the buffer size used by the Network Tap Module during a network capture 

action. The minimum size is 512K (kilobytes). The default size of 16M (megabyte) works best for 
most use cases. Click the   

Information icon

 for more information. 

• 

MTU: 

If you are using the Network Tap Module on a network that’s confi gured to a non-standard 

maximum transmission unit size (e.g. it uses jumbo frames), then set this fi eld to match that value. 
Most Ethernet LANs will use the standard MTU of 1500. The commonly accepted range for a valid 
MTU is 68 to 65,535 as defi ned in RFC 791. Click the   

Information icon

 for more information. 

• 

Link Speed:

 Allows you to set the Ethernet connection speed throughput. In most cases, ‘Auto 

Negotiate’ will work. If you experience problems staying connected, you may need to change the 
speed to match what your network’s capabilities are.

3.4 USING AND CONFIGURING NETWORK CAPTURE FILTERS

Insert the SD Card containing your network capture fi lter(s) into the Network Tap Module and your custom 
network capture fi lters will become available in the “Network Capture Filter” drop-down box when con-
fi guring a “Network Capture” action. You may also add subdirectories that contain one or more network 
capture fi lter XML fi les to the DittoNetCapFilter directory. 

To add or edit your own network capture fi lter, choose the way that works best for your usage scenario. 

3.4.1 Filter Creation Via Web Browser

a.  Insert the SD Card into the SDCard slot on the rear of the Network Tap Module.

b.  Using the Browser Interface, select 

Network Capture

 from the “Action to Perform” drop-down 

box.

c.  If you are editing an existing network capture fi lter that you created, select it from the “Network 

Capture Filter” drop-down box.

d.  Type in the ports you wish to capture in your network capture fi lter in the text box directly below the 

“Network Capture Filter” drop-down box (see Figure 3). Use the word ‘or’ to separate each port.

e.  Click the 

Save button

. The “Save Network Capture Filter” dialog box will pop up (see Figure 4). 

Summary of Contents for 31030-1577-0000

Page 1: ...c FieldStations Captures Internet and VOIP traffic with virtually no packet loss Captures sustained 10 100 Mbps network traffic and short burst gigabit network traffic Filter and capture network traffic to a tcpdump Wireshark compatible PCAP file Optional live capture stream rpcap interface for Wireshark Fail safe design continues passing through network traffic if power is lost Packet loss is a f...

Page 2: ... Contents 2 1 2 Identifying Parts 2 1 3 How to Use the Network Tap Module 3 2 Setup 3 3 Network Tap Functionality 3 3 1 Home Screen 3 3 1 1 PCAP Network Capture 3 3 1 2 Live Network Capture 4 3 1 3 Simultaneous PCAP and Live Network Capture 5 3 2 Configure Screen 5 3 2 1 System 5 3 2 2 Network 6 3 3 Network Capture 6 3 3 1 Network Capture Settings 6 3 3 2 Live Capture Settings 7 3 3 3 Advanced Set...

Page 3: ...Tap Module You may access its settings via the Browser Interface see your Ditto product s user manual or via the Front Panel see Section 3 5 3 NETWORK TAP FUNCTIONALITY The Network Tap Module adds several new actions and functions to the Ditto and Ditto DX browser interface and Front Panel They are listed below 3 1 HOME SCREEN The Network Tap Module adds a Network Capture action to Action panel on...

Page 4: ...nd if hashing is enabled a TXT file that contains each of the generated PCAP files MD5 or SHA 1 hash value see Section 5 1 2 to enable hashing 3 1 2 Live Network Capture a Using the Browser Interface select Network Capture from the Action to Perform drop down box b Select the network capture filter from the Network Capture Filter drop down box or type in the ports you wish to capture in the text b...

Page 5: ...Stop button You can view the log of the PCAP network capture action by scrolling down to the System Log panel on the Home screen Find and click on the latest link which will be denoted by a filename with a date timestamp format S_yyyymmddhhmmss Alternatively you can click on the Logs button from the top menu bar You can view the data retrieved from the PCAP network capture action by examining the ...

Page 6: ...eated on the des tination disk When the number is reached the Network Tap Module will begin overwriting the oldest file on the disk for each new file that is created Set this to 0 to fill the disk until it reaches capacity Image File Segment Size Allows you to specify the size in bytes that each image file should be The minimum size is 1M megabyte The maximum size is limited by the target file sys...

Page 7: ... LANs will use the standard MTU of 1500 The commonly accepted range for a valid MTU is 68 to 65 535 as defined in RFC 791 Click the Information icon for more information Link Speed Allows you to set the Ethernet connection speed throughput In most cases Auto Negotiate will work If you experience problems staying connected you may need to change the speed to match what your network s capabilities a...

Page 8: ...ing structure and place it within the DittoNetCapFilter directory on your SDCard xml version 1 0 encoding UTF 8 All attributes must be in single quotes if they contain double quotes dittoNetCapFilter xmlns xsi http www w3 org 2001 XMLSchema instance xsi noNamespaceSchemaLocation netCapFilter xsd filter title All insert port numbers here separated by the word or filter dittoNetCapFilter The name of t...

Page 9: ...None MD5 SHA 1 SHA 256 MD5 SHA 1 MD5 SW SHA 1 MD5 SHA 1 SW MD5 SHA256 MD5 SW SHA 256 MD5 SHA 256 SW MD5 SW SHA 1 SW MD5 SW SHA 1 SW SHA 1 SW MD5 SHA 1 SW SHA 256 SHA 256 SW MD5 SHA 256 SW or SHA 512 SW NetCap Settings This new section allows you to modify the settings that govern network capture actions NetCap Filter Sets the default network capture filter for the Network Capture action The availa...

Page 10: ...you may need to change the speed to match what your network s capabilities are 4 TECHNICAL SPECIFICATIONS Product Name Ditto Network Tap Module Ditto Family Compatibility Ditto Forensic FieldStation Ditto DX Forensic FieldStation Data Interface Types Speeds 1000BASE T EtherNet up to 1 Gbps USB 2 0 up to 480 Mbps Supported Drive Types External USB HDDs SSDs and media card readers Data Connectors Tw...

Page 11: ...or addition to this warranty In no event will CRU or its suppliers be liable for any costs of procurement of substitute products or services lost profits loss of information or data computer malfunction or any other special indirect consequential or incidental damages arising in any way out of the sale of use of or inability to use any CRU product or service even if CRU has been advised of the pos...

Reviews:

No comments

Brands by name

Popular brands

Load more brands