Wireshark Remote Linux

Aus xinux.net

Zur Navigation springen Zur Suche springen

Linux

tcpdump and wireshark offline

ssh root@worf
tcpdump -s 0 -n -w file-icmp.cap -i ppp0 'icmp'
CTRL+C
exit
scp root@worf:file-icmp.cap .
wireshark file-icmp.cap

Enables X11 forwarding

ssh -X root@worf
root@worf:~# wireshark

In one Command

ssh -X root@worf wireshark

With tcpdump and a pipe

ssh root@worf tcpdump -s 0 -U -n -w - -i ppp0 'icmp' | wireshark -k -i -

With tcpdump and a namedpipe

mkfifo /tmp/fifo.cap
ssh root@worf "tcpdump -s 0 -U -n -w - -i ppp0 'icmp'" > /tmp/fifo.cap &
wireshark -k -i /tmp/fifo.cap

Links

http://www.commandlinefu.com/commands/view/4373/analyze-traffic-remotely-over-ssh-w-wireshark

Abgerufen von „https://xinux.net/index.php?title=Wireshark_Remote_Linux&oldid=13615“