Wireshark Remote: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 1: | Zeile 1: | ||
=Linux= | =Linux= | ||
| + | ==tcpdump and wireshark offline== | ||
| + | *ssh root@worf | ||
| + | *tcpdump -s 0 -n -w file-icmp.cap -i ppp0 'icmp' | ||
| + | *CTRL+C | ||
| + | *exit | ||
| + | *scp root@worf:file-icmp.cap . | ||
| + | *wireshark file-icmp.cap | ||
==Enables X11 forwarding== | ==Enables X11 forwarding== | ||
*ssh -X root@worf | *ssh -X root@worf | ||
| Zeile 5: | Zeile 12: | ||
==In one Command== | ==In one Command== | ||
*ssh -X root@worf wireshark | *ssh -X root@worf wireshark | ||
| − | |||
==With tcpdump and a pipe== | ==With tcpdump and a pipe== | ||
*ssh root@worf tcpdump -s 0 -U -n -w - -i ppp0 'icmp' | wireshark -k -i - | *ssh root@worf tcpdump -s 0 -U -n -w - -i ppp0 'icmp' | wireshark -k -i - | ||
Version vom 28. Juni 2017, 14:13 Uhr
Linux
tcpdump and wireshark offline
- ssh root@worf
- tcpdump -s 0 -n -w file-icmp.cap -i ppp0 'icmp'
- CTRL+C
- exit
- scp root@worf:file-icmp.cap .
- wireshark file-icmp.cap
Enables X11 forwarding
- ssh -X root@worf
- root@worf:~# wireshark
In one Command
- ssh -X root@worf wireshark
With tcpdump and a pipe
- ssh root@worf tcpdump -s 0 -U -n -w - -i ppp0 'icmp' | wireshark -k -i -
With tcpdump and a namedpipe
- mkfifo /tmp/fifo.cap
- ssh root@worf "tcpdump -s 0 -U -n -w - -i ppp0 'icmp'" > /tmp/fifo.cap &
- wireshark -k -i /tmp/fifo.cap