[clue-tech] Wireshark on Centos 5
adam bultman
adamb at glaven.org
Thu Sep 2 16:47:23 MDT 2010
Dumping something with tcpdump, copying it over, and then importing into
wireshark takes a while, though; sometimes it's a lot easier to run
wireshark on the local box (if possible) and then do it there.
I'll ssh -X into a server and run wireshark from there to see what's
going on - I just need to filter out my own traffic so I don't have to
look at all the cruft.
The command line version of wireshark is 'tshark', which has some
options which make it a little easier to use than tcpdump (in my
opinion), if that helps anybody out.
Charles Hutchinson wrote:
> On Thu, 2010-09-02 at 15:43 -0600, Clayton Fast wrote:
>
>> I need to analyze network traffic from a specific public IP address to
>> a production Centos 5 system but I'm concerned about running wireshark
>> on that system. I've tried running it on a separate PC on the network
>> but it only reports its own traffic.
>>
>> I'm looking to see if any of you have had any major problems running
>> wireshark on Centos 5.
>>
>> Anyone?
>>
>> Thanks,
>> Clay
>>
>
>
> Wireshark is probably the wrong tool for your needs here. To capture
> the data you need I would use tcpdump to capture the packets to a file
> with the -w switch. You can specify the protocol you want or do not
> want to capture as well as the host (ip) you need to capture data to and
> from. You can (should) also tell it not to capture packets to and from
> the host you are connecting with over ssh.
>
> Once you've seen the error, timeout or just captured enough data I would
> then pull that file to my workstation and import the capture into
> wireshark for quicker analysis. For a lot of issues I do not even
> bother with wireshark. Tcpdump can show you everything you need to see
> but is not pointy clicky friendly.
>
> Charlie
--
Adam
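
The capture approach discussed in this thread, as an added example that is not part of the original posts: a shell helper that builds a tcpdump capture filter for one remote host and excludes the administrator's own SSH session, then writes the packets to a file with -w. The function names, the eth0 default, the output file name and the sample addresses are assumptions; SSH_CONNECTION is the variable sshd sets to "client_ip client_port server_ip server_port".

```sh
#!/bin/sh
# Added example: capture traffic to/from one host into a pcap file while
# leaving out the SSH session you are logged in over.

# build_filter TARGET_IP [CONN]
# CONN defaults to $SSH_CONNECTION. Prints a pcap filter expression.
build_filter() (
    target=$1
    conn=${2-${SSH_CONNECTION-}}
    filter="host $target"
    if [ -n "$conn" ]; then
        # Split "client_ip client_port server_ip server_port"
        read -r cip cport _sip sport <<EOF
$conn
EOF
        # Drop only packets that belong to this one SSH connection:
        # client address plus both of the session's TCP ports.
        filter="$filter and not (host $cip and tcp port $cport and tcp port $sport)"
    fi
    printf '%s\n' "$filter"
)

# capture TARGET_IP [INTERFACE] [OUTFILE]   (needs root)
capture() {
    # -n  no name lookups, -s 0  full packets, -w  write raw packets to file
    tcpdump -n -i "${2:-eth0}" -s 0 -w "${3:-capture.pcap}" \
        "$(build_filter "$1")"
}

# Run a capture only when a target address is given on the command line,
# e.g.  sh capture.sh 198.51.100.7 eth0 /tmp/target.pcap  (constructed address)
if [ "$#" -gt 0 ]; then
    capture "$@"
fi
```

The same filter string can be passed to tshark with -f, and the resulting file opens directly in wireshark on a workstation.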