Comments on: How to monitor packets from a remote interface in real time

By: admin

admin — Sun, 06 Apr 2008 13:20:32 +0000

does it mean that i am working on A and hosting C for writing through port 3000. if yes then how we have logged in to that comp i.e. B.

Er, using SSH?

kindly tell me what does it mean as a whole.
ssh root@hostC tcpdump -s 0 -U -n -w - -i eth0 tcp port 3000 > capture””

It means, ssh into hostC using ssh to capture with tcpdump all packets no matter how big the are, no address resolution, write to standard output, and make it packet-buffered (write each packet to stdout), capture on eth0 and port 3000 and redirect stdout to the “capture” FIFO on hostA, from which we will read from using wireshark. For more information, man tcpdump.

By: amitesh

amitesh — Sun, 06 Apr 2008 05:40:33 +0000

kindly tell me what does it mean as a whole.
ssh root@hostC tcpdump -s 0 -U -n -w - -i eth0 tcp port 3000 > capture”"

By: amitesh

amitesh — Fri, 04 Apr 2008 21:15:07 +0000

golan@hostC:~$ nc -l -p 3000
hostA: our personal computer, * hostC: a test computer where we are going to send data so we can test everything.

does it mean that i am working on A and hosting C for writing through port 3000. if yes then how we have logged in to that comp i.e. B.

By: amitesh

amitesh — Fri, 04 Apr 2008 21:08:51 +0000

its really nice conceptually. I will be needing your help in future.

By: bri

bri — Tue, 03 Jul 2007 13:43:47 +0000

> wireshark -k -i

By: Jesus

Jesus — Mon, 29 Jan 2007 18:44:28 +0000

Half of it?

By: tripu

tripu — Mon, 29 Jan 2007 15:56:55 +0000

I think I got half of it.

Kinda.