Help to set up a "pass through bridge" sniffer
I would like to do the following scenario:
A laptop running Windows 10 with 1 Ethernet port. (The "Wireshark laptop".)
I will install a USB Ethernet dongle to the Wireshark laptop. Now the Wireshark laptop has two Ethernet ports.
Someone will hopefully tell us how to set up the network adapter software to "bridge" Ethernet port 1 to Ethernet port 2 so that data is bidirectionally passed through the 2 Ethernet ports. This can be Windows 10 configuration, or require installing commercial software.
There are other computers here. I will run Cat 5 from the other computers into Ethernet port 1 of the Wireshark laptop, and more Cat 5 from Ethernet port 2 of the Wireshark laptop to the Internet connection.
This will allow me to capture malicious outbound data. If you install Wireshark locally, viruses have enough kernel access that they can prevent Wireshark from "seeing" the outbound network data they send, so you must use an external sniffer. Basically I want to build a device to wiretap myself.
Could you please tell me how to set up the network adapter software to "bridge" Ethernet port 1 to Ethernet port 2 so that data is bidirectionally passed through the 2 Ethernet ports? In addition Wireshark needs to be able to sniff from either of these Ethernet ports.
Thank you for any help and advice.
Yes, I know you asked for "Windows", but you can do this easily with Linux with brctl.
You can run a Live Linux (such as Kali) on your laptop, set up the bridge and run Wireshark to capture the traffic passing the bridge.
Thanks. I might try it with Linux also.