With 10/100BASE-T over Cat-5 (but not 1000BASE-T, which uses all four pairs), just disconnect the transmit pair (pins 1 and 2, either green and green/white (T568A) or orange and orange/white (T568B)), and you will no longer be capable of transmitting. Then put your card in promiscuous mode (since you obviously won't be able to establish a connection), fire up your favourite packet sniffer and you're done. Note that you may experience unavoidable data loss, as you will be unable to request that dropped packets be retransmitted.
I thought about that technique, but I was wondering if some hack could remap the pins? I know it would be really hard to pull of, but there are some very determined adversaries out there. So I wondering if I do as you described, but also spice some actual diodes into whatever pairs, either the tx or rx, that are hooked up. Then even if the pins were remapped the electricity could not flow backward.
I can see fiber being more secure though. Even with diodes in copper, just because the electricity wasn't flowing backwards wouldn't stop information from leaking out. You could always vary the electrical load in a specific way and the sending side could detect the difference.
