LAN Tap Pro [Great Scott Gadgets]

LAN Tap Pro [Great Scott Gadgets]

Introduction: What is LAN Tap Pro?

Throwing Star LAN Tap Pro is very popular, small and simple device for monitoring Ethernet communication. This powerful and “must have” device, for monitoring networks, comes in two similar but different versions:

  • LAN Tap (in kit form to assemble) and
  • LAN Tap Pro (an assembled device).
Network TAP (Test Access Point) is a hardware tool that allows you to access and monitor networks. TAPs are capable of transmitting both send/receive data traffic simultaneously on separate dedicated ports/channels in real time. They usually have four ports (2 of them to connect to network nodes and additional 2 to connect to the monitoring devices) and most of them are passive devices which means that they are completely invisible to the end user/network (no IP nor MAC address).

LAN Tap Pro is electrically same as LAN Tap, but it’s fully assembled and comes in a plastic enclosure. It’s completely passive, which means it won’t disrupt your current network connectivity/configuration, and if we compare it to some of the competitive TAPs, it’s fairly affordable worldwide.

Throwing Star LAN Tap Pro [features, specs, design]

Basically, it’s a sniffing packet tool made for sole purpose to monitor one direction PER TAP network traffic. If you are in desperate need to monitor two way traffic, you simply need to monitor on two ports. It’s passive, unpowered Ethernet TAP device, requiring no power for operation. Because of its passive nature it’s looks like a section of cable to the targeted network.

How it works?

There are four available ports. Each port monitors traffic in one direction only. Two monitoring ports marked J3 and J4 are receive only, they connect to the receive data lines on the monitoring station but do not connect to the station’s transmit lines, so it becomes impossible for the monitoring station to accidentally transmit data packets onto the target network.

While a Gigabit network may not be passively tapped, the Throwing Star LAN Tap Pro features two specially placed capacitors which force 1000BASET networks to negotiate at lower speeds, typically 100BASETX transparently to the end user. (HAK5)

You need to keep in mind that it degrades signal quality to some extent. Sometimes, it can cause problems on the target network, especially if there is a very long cable in use. The signal degradation could reduce network performance, so try to avoid long cables.


  • Passive tapping
  • TX and RX tapping
  • 10BASET and 100BASETX networks
  • 1000BASET tapping at lower speed
  • Portability, requires no power
LAN Tap PRO and LAN Tap


1. Connect LAN Tap Pro (J1 and J2, using Ethernet cables) in line with a target network to be monitored.
2. Then connect one or both of the additional monitoring ports (J3 and J4) to ports for monitoring stations.
3. Mix it with your favorite software (e.g., tcpdump, TShark, Wireshark, etc.) on the monitoring station(s) to capture network traffic.

Capturing Packets Using LAN Tap Pro

There are numerous and different TAPs available on the market for both enthusiasts and security professionals. But why to choose LAN Tap Pro?

  • There are active methods of tapping but regarding portability nothing can beat passive tap device, such as LAN Tap Pro.
  • Small and highly portable device that you can carry around with ease (it’s very discreet and requires no power).
  • You can use it to secure, access and monitor your large/small network infrastructure without compromising its integrity.
  • By pairing it with software such as tcpdump , TShark, WireShark or any of your favorite packet sniffing/capturing program, it becomes very powerful tool in every possible environment and situation.


Throwing Star LAN Tap Pro is very well built device. As being unpowered it’s handy and highly portable device that should be found in every pentester’s kit bag. Only downside comes from the strongest part of the device, because being passive and unpowered it’s not possible to monitor 1000BASET (Gigabit Ethernet) at full speed.

Regarding the price, which is around $40, from a hardware point of view we can say that it’s somewhat overpriced (simple device), but since it’s very portable and useful device, it can surely be a great value for everyone interested in penetration testing and network monitoring.