Wireshark Remote: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 12: | Zeile 12: | ||
*ssh root@worf "tcpdump -s 0 -U -n -w - -i ppp0 'icmp'" > /tmp/fifo.cap & | *ssh root@worf "tcpdump -s 0 -U -n -w - -i ppp0 'icmp'" > /tmp/fifo.cap & | ||
*wireshark -k -i /tmp/fifo.cap | *wireshark -k -i /tmp/fifo.cap | ||
| + | |||
| + | |||
| + | =Links= | ||
| + | *http://www.commandlinefu.com/commands/view/4373/analyze-traffic-remotely-over-ssh-w-wireshark | ||
Version vom 28. Juni 2017, 14:07 Uhr
Linux
Enables X11 forwarding
- ssh -X root@worf
- root@worf:~# wireshark
In one Command
- ssh -X root@worf wireshark
With tcpdump and a pipe
- ssh root@worf tcpdump -s 0 -U -n -w - -i ppp0 'icmp' | wireshark -k -i -
With tcpdump and a namedpipe
- mkfifo /tmp/fifo.cap
- ssh root@worf "tcpdump -s 0 -U -n -w - -i ppp0 'icmp'" > /tmp/fifo.cap &
- wireshark -k -i /tmp/fifo.cap