manualshive.com logo in svg

CRU WiebeTech Ditto Shark, User Manual

The CRU WiebeTech Ditto Shark is an innovative data duplication device designed for high-speed and efficient data cloning. Enhance your productivity with this advanced tool by downloading the free user manual from our website. This manual provides step-by-step instructions, ensuring a smooth operating experience.

Share
Download
background image

8

Protecting Your Digital Assets

TM

CRU Ditto Shark User Manual

c.  Select “NetTap” from the “Interface” drop-down box. 

d.  Select the media from the “Destination” drop-down box that you want Ditto Shark to save your 

captured data.

e.  Select the partition on the destination media you want to capture to from the “Partition” drop-

down box.

f.  Bypass “Live Network Capture” and leave it disabled. 

g.  Click the 

Start button

 to begin capturing network data. When you are fi nished, click the 

Stop 

button

.

You can view the log of the network capture action by scrolling down to the “System Log” panel 
on the “Home” screen. Find and click on the latest link, which will be denoted by a fi lename with a 
date/timestamp format: “S_yyyymmddhhmmss”. Alternatively, you can click on the 

Logs button

 

from the top menu bar.

You can view the data retrieved from the network capture action by examining the destination 
media, which will contain a folder named with the same data/timestamp format: “S_yyyymmd-
dhhmmss”, which includes the PCAP fi les containing the captured data, an XML fi le containing the 
log information of the network capture, and—if hashing is enabled—a TXT fi le that contains each of 
the generated PCAP fi les’ MD5 or SHA-1 hash value (see Section 5.1.2 to enable hashing).

Live Network Capture

a.  Using the Browser Interface, select 

Network Capture

 from the “Action to Perform” drop-down 

box.

b.  Select the network capture fi lter from the “Network Capture Filter” drop-down box or type in 

the ports you wish to capture in the text box directly below that using the syntax “port ## or ##” 
without quotes (e.g. port 80 or 81 or 443)

c.  Disregard the “Interface” and “Destination” drop-down boxes.

d.  Ensure your third party Wireshark network protocol analyzer is standing by to receive data. If you 

need help in confi guring Wireshark itself, click the   

Information icon

 next to “Live Network 

Capture” for a link to Wireshark’s remote capture documentation.

e.  Click the 

Enable button

 next to “Live Network Capture” to turn live network capture on. When 

you are fi nished capturing network traffi c, click the 

Disable button

.

Do 

NOT

 click the Start button! This button actually enables the PCAP network capture function that 

captures network traffi c to your local destination media. It does 

NOT

 enable live network capture.

Figure 8. 

The “Action” section on the “Home” screen, showing 

the options available for the “Network Capture” action.

STOP!

Summary of Contents for WiebeTech Ditto Shark

Page 1: ...ith virtually no packet loss Captures sustained 10 100 Mbps network traffic and short burst gigabit network traffic Filter and capture network traffic to a tcpdump Wireshark compatible PCAP file Optional live capture stream rpcap interface for Wireshark Removable drive carrier for data storage Fail safe design continues passing through network traffic if power is lost Free firmware updates for reg...

Page 2: ...28 11 2 Using NFS and SMB Samba Shares 30 11 3 Using and Configuring Network Capture Filters 31 12 Upgrading Firmware 32 13 Technical Specifications 34 TABLE OF CONTENTS 1 General Information 3 1 1 Package Contents 3 1 2 Identifying Parts 3 1 3 LED Behavior 3 1 4 Thermal Cooling 3 1 5 How to Use the Ditto Shark 4 2 Setup 4 3 Browser Interface 6 3 1 Accessing the Browser Interface 6 3 2 Icons Used ...

Page 3: ... Power Switch SD Card Slot Power Input for AC Adapter RJ45 Gigabit Ethernet Connection NETTAP INTERFACE RJ45 Gigabit Ethernet Connection USB 2 0 Port DP20 Keylock Eject Button DESTINATION INTERFACE Stealth Mode Switch DP20 Status Lights DP20 Carrier eSATA Ports Power Connectors RJ45 Ethernet Connection 1 3 LED BEHAVIOR LED COLOR STATE DESCRIPTION DP20 Power Green Solid The DP20 is powered on DP20 ...

Page 4: ...onfigured it properly using the steps below b Connect the power cable to the rear of the Ditto Shark and turn the Ditto Shark on with the power switch located on the rear of the unit c Press the Down navigation button on the Ditto Shark until you reach the Settings menu see Figure 1 on the Front Panel Then press Enter to view the Settings d Press Up or Down until you reach the Dst Network Settings...

Page 5: ...d to the USB 2 0 port on the NetTap Interface side of the Ditto Shark to enter the static IP address your network administrator gave you If you do not have a keyboard press Back and Enter to scroll the cursor right and left and press Up or Down to increase or decrease the number highlighted by the cursor c When you have finished press Enter until the cursor has moved all the way to the right and t...

Page 6: ...s ICON ACTION Information Opens a window with a brief description of the setting that the information icon appears next to Refresh Refreshes the field that the icon appears next to in order to give updated information Reset Loads the defaults for the setting that the Refresh icon appears next to Add Adds a user defined field to a list of items Remove Removes a user defined field from a list of ite...

Page 7: ... Section 5 4 1 1 Network Capture The Ditto Shark provides two methods of capturing network traffic that can be combined and used simultaneously if you wish The first method captures network traffic and stores it in a series of incre mented PCAP files on the local target destination The second method captures network traffic in real time and outputs it to a remote monitor that uses a third party Wi...

Page 8: ...work capture and if hashing is enabled a TXT file that contains each of the generated PCAP files MD5 or SHA 1 hash value see Section 5 1 2 to enable hashing Live Network Capture a Using the Browser Interface select Network Capture from the Action to Perform drop down box b Select the network capture filter from the Network Capture Filter drop down box or type in the ports you wish to capture in th...

Page 9: ...twork traffic click the Disable button h Click the Start button to begin capturing network data to your local destination media When you are finished click the Stop button You can view the log of the PCAP network capture action by scrolling down to the System Log panel on the Home screen Find and click on the latest link which will be denoted by a filename with a date timestamp format S_yyyymmddhh...

Page 10: ...n creating custom directories and file names see Section 5 9 The Hide button allows you to minimize the panel Click the Edit button to enter information about the Investigator Case Number Evidence Number Description Notes Base directory prefix and a Base filename prefix for a PCAP file Each field is filtered to block non printable ASCII characters Any characters at the file system level that may n...

Page 11: ...nel To see the available space a disk has click the green double arrow icon next in the Used column header see Figure 14 The disk usage will refresh and give an updated amount The Destination Network button allows you to mount an iSCSI NFS or SMB share to the Ditto Shark so that you can capture network data to it For more information see Section 11 4 5 1 View Hexidecimal Data To view a disk s hexi...

Page 12: ...an click on the Logs button from the top menu bar 5 CONFIGURE SCREEN The Configure screen allows you to modify the way the Ditto Shark functions to suit your specific needs Click on the Configure tab to access the Configure screen from the Browser Interface 5 1 SYSTEM The System tab allows you to view and customize the following settings This information is also dis played in the System Settings p...

Page 13: ...nc automatically increments the case number and AutoInc Pause automatically incre ments the case number but displays a confirmation prompt the LCD screen before beginning the requested action These options require a number to be present on the end of the Case Number specified in the Investigation Info section LCD Prompt Evidence Four options may be chosen to modify the evidence number specified in...

Page 14: ...AID or port multi plication PM This option gives you the ability to mirror any two devices you attach regardless of these implementations However the attached devices must still be empty so use the Erase Destination Disk action from the Home screen if the devices are not empty see Section 4 1 6 before attempting to mirror them 5 2 NETWORK The Network tab allows you to view and customize the follow...

Page 15: ...0 DHCP End Address 10 10 10 199 DNS Server Enabled DNS Domain Name ditto local NTP Server Enabled NAT Gateway Disabled Do not connect the Ditto Shark to another network while it is configured as a server Doing so will cause network conflicts and may disrupt network traffic Client DHCP This option automatically configures the destination Ethernet port to connect to the attached net work Client Stat...

Page 16: ...efault settings below will work for most environments with several exceptions Input your own key to ensure that your Ditto Shark remains secure You may be required to conform to your country s laws and regulations regarding wireless radio fre quency usage Select your two digit country code from the Regulatory Domain drop down list and the Ditto Shark will limit the frequencies it may broadcast on ...

Page 17: ...y written If Full is selected the entire disk will be read to ensure that the last pattern was actually written If None is selected no verification will be performed Format After Erase Check this box to format the disk with the default format The default format can be set in the System tab on the Configure screen see Section 5 1 5 4 NETWORK CAPTURE The Network Capture tab allows you to view and cu...

Page 18: ...at the Ditto Shark uses to talk to the third party network protocol analyzer software The default port is 2002 Username The username used by the third party network protocol analyzer software Password The password used by the third party network protocol analyzer software 5 4 3 Advanced Settings Buffer Size Sets the the buffer size used by the Ditto Shark during a network capture action The minimu...

Page 19: ...to the Investigation Info panel on the Home screen see Section 4 2 Timestamp Timestamp Displays the timestamp The timestamp is required to be included in all directory names but it is optional for file names Base Filename Displays the base file name This option is the default first variable for file names but may be changed User customizable Case Number Displays the case number User customizable D...

Page 20: ...governs A hyphen or None indicates that the user does not have access to the features governed by that permission 6 2 2 Configurable Permissions The following list of permissions specifies what each controls and can be configured when adding or editing a user account Some permissions for the Administrator and Front Panel accounts will be greyed out by default Admin None allows access to modify the...

Page 21: ... absolutely certain you wish to delete the account 7 LOGS SCREEN The Logs screen provides information about the Ditto Shark s actions Click on the Logs tab to access the Logs screen from the Browser Interface Action logs show the timestamp the type of action performed the user who performed the action and a link to the Action Log screen that provides more information about the performed action Cli...

Page 22: ...ons for the Ditto Shark The file generated saves a copy of every cus tomizable setting for the unit Save Configuration To save a configuration click on the Save Config button Name the file and then click Continue to open a Save As dialog box and save the file to your computer Load Configuration a Click on the Load Config button browse to the XML configuration file you want to load high light it an...

Page 23: ...l when targeting network traffic in the field The Front Panel interface allows you to perform a network capture or erase a disk You can also adjust settings view information about attached media or check on the Ditto Shark s operational status The administrator account can assign access permissions to the Front Panel s actions and settings using the Browser Interface 9 1 HOW TO NAVIGATE 9 1 1 Usin...

Page 24: ... see Figure 26 You can edit the field currently displayed on the LCD by pressing the Enter button on the face of the Ditto Shark or by pressing Enter or the Right Arrow keys on the keyboard and then using the keys to type Using apostrophes in the name fields will cause an error when the file or folder name is created They should not be used in the Investigation Info fields Text strings longer than...

Page 25: ...ion Table and Quick Erase Quick Start Enables the Quick Start screen on the LCD that appears after you boot or reboot the Ditto Shark The settings for this mode may be modified in the Quick Start tab on the Configure Screen within the Browser Interface See Section 5 6 Prompt Invest Info This opens a Configure Investigation Info window within the Browser Interface after the user has begun an action...

Page 26: ...w Logging Logs any action to preview a disk i e creating a disk snapshot starting or finishing a HexView action Force SSL When enabled this setting forces any browser to use HTTPS to access the Ditto Shark Browser Interface Stealth Mode Turns off all LEDs and LCDs on the Ditto Shark The physical Stealth Mode Switch serves the same purpose see Section If Stealth Mode is enabled from the Browser Int...

Page 27: ...lue Most Ethernet LANs will use the standard MTU of 1500 The commonly accepted range for a valid MTU is 68 to 65 535 as defined in RFC 791 NetCap Link Speed Allows you to set the Ethernet connection speed throughput In most cases Auto Negotiate will work If you experience problems staying connected you may need to change the speed to match what your network s capabilities are Dst Destination Netwo...

Page 28: ...e it from the Browser Interface Click on the Configure tab and then under the System tab change the Stealth Mode drop down box to Enabled Then click Commit Changes If Stealth Mode is enabled from the Browser Interface the physical switch cannot override it 11 ADVANCED FEATURES AND FUNCTIONS 11 1 USING ISCSI DEVICES 11 1 1 Remotely Access an iSCSI Device To connect to an iSCSI device that exists on...

Page 29: ...rk tab b In the Destination Network section select Server from the drop down box underneath the MAC address Do not customize the default server configura tion unless directed to do so by your network administrator c Click Commit Changes d Now connect the iSCSI Device to the Ethernet port on the Destination Interface side of the Ditto Shark The iSCSI device will be assigned a new IP address if the ...

Page 30: ...B SAMBA SHARES 11 2 1 Connect to NFS and SMB Shares a Connect the Ditto Shark to the network that your NFS or SMB share exists on through the Destina tion Interface side of the Ditto Shark b On the Home Screen click the Destination Network button at the bottom of the Disks panel c Click on the NFS tab or the SMB tab depending on which type of share you are connecting to d Type the server name into...

Page 31: ...o Shark b Using the Browser Interface select Network Capture from the Action to Perform drop down box c If you are editing an existing network capture filter that you created select it from the Network Capture Filter drop down box d Type in the ports you wish to capture in your network capture filter in the text box directly below the Network Capture Filter drop down box see Figure 30 Use the word...

Page 32: ...llowed by the subdirectory s name if any You cannot remove existing selections from the Network Capture Filter list To download an XML Schema that can be used to validate your network capture filter XML file type the following into the address bar of an Internet browser where IP Address is the IP address of your Ditto Shark http IP Address data DittoNetCapFilter netCapFilter xsd Click the Informat...

Page 33: ...ton f The Ditto Shark will upload the file to itself Once uploaded it will ask you to confirm the upgrade Click Continue After the upgrade is finished cick OK g The LCD panel of the Ditto Shark will ask you to reboot Press the Enter button on the face of the unit to reboot or click on the Reboot button on the Utilities screen METHOD 3 UPLOAD VIA A USB THUMB DRIVE a Go to the firmware updates websp...

Page 34: ...ser Interface Four line LCD controlled with four soft touch menu navigation buttons or USB keyboard Browser based Ditto interface allows for direct operation remote operation and administration Stealth Mode Turns off all lights LEDs LCD Browser Compatibility Chrome Edge Firefox Opera Safari Hash Modes None MD5 SHA 1 Erase Modes Clear Partition Table Quick Erase External material All metal construc...

Page 35: ...addition to this warranty In no event will CRU or its suppliers be liable for any costs of procurement of substitute products or services lost profits loss of information or data computer malfunction or any other special indirect consequential or incidental damages arising in any way out of the sale of use of or inability to use any CRU product or service even if CRU has been advised of the possib...

Reviews:

No comments

Related manuals for WiebeTech Ditto Shark

PA M25E Instruction Book preview
M25E
Brand: PA Pages: 20
ECW E-AID202 Instructions preview
E-AID202
Brand: ECW Pages: 5
Butler HP441S.18 Instruction Manual preview
HP441S.18
Brand: Butler Pages: 72
Honeywell BFW112 Operating And Maintenance Manual preview
BFW112
Brand: Honeywell Pages: 14
Honeywell 5103-5108 Operations & Installation Manual preview
5103-5108
Brand: Honeywell Pages: 12
Honeywell T7560H Installation And Operating Instructions preview
T7560H
Brand: Honeywell Pages: 2
Honeywell EC7895A1010 Installation Instructions Manual preview
EC7895A1010
Brand: Honeywell Pages: 16
Honeywell CD3000S-1PH User Manual preview
CD3000S-1PH
Brand: Honeywell Pages: 27
Honeywell HD3 equIP Series Installation Manual, Operation And Maintenance Manual preview
HD3 equIP Series
Brand: Honeywell Pages: 2
Honeywell GasAlertQuattro Operator'S Manual preview
GasAlertQuattro
Brand: Honeywell Pages: 47
Honeywell BDR91 Installation Manual preview
BDR91
Brand: Honeywell Pages: 12
Honeywell BW Clip4 Operator'S Manual preview
BW Clip4
Brand: Honeywell Pages: 33
Honeywell Searchline Excel Technical Handbook preview
Searchline Excel
Brand: Honeywell Pages: 107
AEM 21-814C Installation Instructions Manual preview
21-814C
Brand: AEM Pages: 8
Sunex Tools 66175FASJ Owner'S Manual preview
66175FASJ
Brand: Sunex Tools Pages: 7
Dickson PR125 Operating Instructions Manual preview
PR125
Brand: Dickson Pages: 7
Edaphic Scientific ESSAN-01 User Manual preview
ESSAN-01
Brand: Edaphic Scientific Pages: 19
Salter 9106 Instruction Manual preview
9106
Brand: Salter Pages: 41

Brands by name

Popular brands

Load more brands