Capturing network traffic using wireshark remotely

[sean bzd <seanbzd () gmail com>]

Folks,
Need some advice/help here.

*We have a scenario:*

3 Windows machines all connected to the same Cisco Switch.
Machine1 and Machine2 are exchanging some data that need to be captured.
Ideally, I could install wireshark on either Machine1 or Machine2 and
capture all the traffic being exchanged between the two. But since these are
production machines, we don't want to change/install anything on these 2
machines. Is there a way I can install wireshark on Machine3 and capture the
traffic between Machine1 and Machine2? I know I can do port mirroring on the
Cisco switch and capture it from Machine3. But, question is can I get the
capture without doing port mirroring? I see that the capture Options dialog
box in wireshark has an option for Local Vs. Remote interface? What is it
used for? Has anyone used this before?

Thanks for your help.
Sean.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe