February 21, 2016

Capture packets remotely and analyze them in Wireshark

1. Make a FIFO pipe:

    mkfifo /tmp/pipe

2. Redirect the ssh output to the pipe*:

    ssh REMOTE_HOST "sudo tcpdump -i eth0 -s 0 -U -w - not port 22" > /tmp/pipe

3. Open Wireshark to analyze the pipe:

    wireshark -k -i /tmp/pipe

*tcpdump needs root privileges, so make sure the user you log in as can run this command, or give tcpdump the privileges.
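The three steps above wrapped in one script, as an added example that is not the post's own code. Assumptions: the function names are hypothetical, the FIFO is created in a private `mktemp` directory instead of `/tmp/pipe`, and Wireshark is started before `ssh` because opening a FIFO for writing blocks until a reader has it open.

```shell
#!/bin/sh
# Added example: the post's three steps as one script (names are hypothetical).

# Create the FIFO in a fresh owner-only directory rather than the predictable
# /tmp/pipe, so no other local user can pre-create it or read the capture.
make_private_fifo() {
    fifo_dir=$(mktemp -d "${TMPDIR:-/tmp}/rcap.XXXXXX") || return 1
    chmod 700 "$fifo_dir" || return 1
    ( umask 077 && mkfifo "$fifo_dir/pipe" ) || return 1
    printf '%s\n' "$fifo_dir/pipe"
}

# Build the tcpdump command from the post. The string is parsed by the remote
# shell, so the interface name may only contain harmless characters.
build_capture_cmd() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_.:-]*)
            echo "invalid interface name: $1" >&2
            return 1 ;;
    esac
    printf 'sudo tcpdump -i %s -s 0 -U -w - not port 22\n' "$1"
}

# Usage: remote_capture REMOTE_HOST [INTERFACE]
remote_capture() {
    case "$1" in ''|-*) echo "invalid host: $1" >&2; return 1 ;; esac
    rc_cmd=$(build_capture_cmd "${2:-eth0}") || return 1
    rc_fifo=$(make_private_fifo) || return 1
    rc_dir=$(dirname "$rc_fifo")
    trap 'rm -rf "$rc_dir"' EXIT
    trap 'exit 130' INT TERM
    # Start the reader first: opening a FIFO for writing blocks until a
    # reader has it open, so ssh only starts once Wireshark is attached.
    wireshark -k -i "$rc_fifo" &
    ssh "$1" "$rc_cmd" > "$rc_fifo"
}

# Run only when a host is given, e.g.: sh remote_capture.sh REMOTE_HOST eth0
if [ "$#" -ge 1 ]; then
    remote_capture "$@"
fi
```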
