tcpdump mailing list archives

Re: remote capturing using tcpdump

From: Francois Goudal <fg () satcom1 com>
Date: Thu, 07 Oct 2010 15:45:50 +0200

 Le 06/10/10 15:19, Ankith Agarwal a écrit :

Hi
   Is there any solution for reporting the captured packets to a remote
user through the same or another interface. Actually I need to remotely
monitor a machines' incoming and outgoing packets.

I would suggest using the method described here :
http://wiki.wireshark.org/CaptureSetup/Pipes

Take a look at the "Remote Capture" paragraph. It explains how to doremote capture through ssh. I have been doing it several times and itworks great.It uses wireshark/tshark, not tcpdump though, but I'm sure you can dothe same kind of things with tcpdump if you specifically want to usetcpdump instead of tshark.


--
Francois Goudal
Avionics Engineer
Satcom1
Denmark - France - Sweden
Phone: +33170031926
Fax: +33170031922
Mob: +33675506993
e-mail: fg () satcom1 com
www.satcom1.com
Inmarsat: ISP 8422, PSA 3123


-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

Current thread:

remote capturing using tcpdump Ankith Agarwal (Oct 06)
- Re: remote capturing using tcpdump Aaron Turner (Oct 06)
  - Re: remote capturing using tcpdump Ankith Agarwal (Oct 06)
    - Re: remote capturing using tcpdump Rob Hasselbaum (Oct 07)
    - Re: remote capturing using tcpdump Richard Huddleston (Oct 07)
    - Re: remote capturing using tcpdump Ankith Agarwal (Oct 08)
    - Re: remote capturing using tcpdump Carter Bullard (Oct 08)
- Re: remote capturing using tcpdump Francois Goudal (Oct 07)