CatchWire is the perfect companion tool for Wireshark, the world's foremost network protocol analyzer. As an intelligent inline TAP, CatchWire enables IT security staff to conduct detailed monitoring of more endpoints, on an ongoing basis, at lower expense, with less effort. It’s small, very portable and installs within seconds, without the requirement of any additional wiring.
As a Wireshark sensor, CatchWire is plugged into the line connected to a target endpoint. IT professionals at a remote security office can immediately connect with the sensor and access its data stream.
Watch this video for more info.
Simplified Endpoint Monitoring with Wireshark
Wireshark is the de facto standard across many industries and educational institutions. Once coupled with CatchWire, its use cases can be expanded even further. Frequently, the burden of installation time and effort, and the requirement to tie up a laptop to monitor a single endpoint, can impose a limit on both the number of computers monitored, and the length of time they are monitored.
The CatchWire-Wireshark sensor duo eliminates the time and effort involved with connecting a laptop to a line, wiring it to a hub or a switch (for port mirroring), and connecting a power source, in order to view a copy of the data stream. WAW designed CatchWire to collect data and then inject it back to the same network towards a Wireshark application located somewhere in the same network! The data can also be delivered out-of-band through the wireless interface. As an in-line sensor it requires no additional wiring, and on a PoE network - no external power supply.
By simplifying the process of deploying monitoring resources, CatchWire enables IT staff to monitor more, with less effort. Since it is host-agnostic (i.e., it has the ability to function without needing to “know” the underlying details of the applications or operating system running on the device it is connected to) CatchWire eases the way to performing continuous monitoring of endpoints, in more areas of the network.
Acquiring and installing Wireshark
Wireshark is "free software" published under the GNU General Public License version 2. You can download the full version it without any license fee. The current official release is available for Windows and Mac operating systems (32 and 64 bit) at https://www.wireshark.org/download.html. It also provides links to third-party packages for various *NIX systems.
The Wireshark User Guide is available at https://www.wireshark.org/docs/wsug_html_chunked/index.html
Deploying CatchWire and Wireshark
CatchWire is the perfect complement to Wireshark. Wireshark provides complete visibility into the data stream on a network, CatchWire delivers the granularity required to pinpoint any specific location or locations in a network. It works unobtrusively without the need for any network cabling or configuration changes.
Simply plug it in-line into the desired network cable and watch the data stream come in from the remote location of your choice.
Once CatchWire is connected and powered up it will begin broadcasting data. When you connect to it as a remote sensor, you can see the data in your local instance of Wireshark.