Remote packet sniffing using SSH and Wireshark for analysis

Hello there!

In this brief tutorial, I will show how to capture remote traffic through SSH and analyze it with Wireshark.

The basic way to do this is:

$ mkfifo /tmp/remoteif
$ ssh root@yourserver "tcpdump -ni pflog0 -w - host" > /tmp/remoteif
$ wireshark -k -i /tmp/remoteif

* Tips: configure your remote user to run tcpdump through sudo. Configure root login without a password using keys.
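
The three steps and the sudo/key tips combined into one script, as an added example that is not part of the original post. Assumptions: a non-root account (`capture@yourserver` is a placeholder) with a passwordless sudoers rule for tcpdump, key-based login, and the function names `build_remote_cmd` and `remote_capture`. The default filter `not port 22` keeps the SSH session that carries the capture out of the capture itself.

```shell
#!/bin/sh
# Added example. Assumed names: capture@yourserver, build_remote_cmd, remote_capture.

# Build the command string that ssh hands to the remote shell. Only a
# conservative character set is accepted, so nothing can break out of it.
build_remote_cmd() {
    iface=$1; filter=$2
    [ -n "$iface" ] || { echo "interface required" >&2; return 1; }
    bad=$(printf '%s' "$iface" | tr -d 'A-Za-z0-9_.:-')
    [ -z "$bad" ] || { echo "bad interface name" >&2; return 1; }
    bad=$(printf '%s' "$filter" | tr -d 'A-Za-z0-9 ._:/-')
    [ -z "$bad" ] || { echo "bad filter" >&2; return 1; }
    # sudo -n: fail instead of prompting (there is no tty)
    # -U: write each packet as it arrives; -w -: pcap stream on stdout
    printf "sudo -n tcpdump -U -n -i %s -w - '%s'" "$iface" "$filter"
}

remote_capture() {
    target=$1; iface=$2; filter=${3:-not port 22}
    cmd=$(build_remote_cmd "$iface" "$filter") || return 1
    # Private 0700 directory instead of a predictable name in /tmp
    dir=$(mktemp -d) || return 1
    trap 'rm -rf "$dir"' EXIT; trap 'exit 1' INT TERM
    mkfifo -m 600 "$dir/remoteif" || return 1
    # BatchMode: key-based login only, never prompt for a password
    ssh -o BatchMode=yes "$target" "$cmd" > "$dir/remoteif" &
    ssh_pid=$!
    wireshark -k -i "$dir/remoteif"
    kill "$ssh_pid" 2>/dev/null
}

# Usage: ./remote-capture.sh capture@yourserver pflog0 ["host 192.0.2.10"]
if [ "$#" -ge 2 ]; then
    remote_capture "$@"
fi
```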

A special thanks to my friend mentesan -> Muito Sapeca!

