eyesger.blogg.se

Wireshark remote capture

For diagnostic purposes, it might sometimes be necessary to perform a remote capture of network traffic on some Linux box. It comes in handy that we can do this remotely from a laptop running Windows and Wireshark; this way we don't need to first create a packet capture file and transfer it to our computer. Instead, this procedure connects over SSH to the remote Linux box, starts tcpdump, redirects the output in real time over the SSH connection to our Windows machine and feeds it into Wireshark.

The tools we are using for this on Windows are plink.exe (known from the PuTTY suite of tools), tcpdump and Wireshark. Falko has written a nice tutorial with some screenshots regarding basic usage of Wireshark.

Remote SSH Traffic Redirection to Wireshark

To redirect traffic on the VNF's port 1/1/1 or vnet85 on the Hypervisor through the SSH tunnel back to the Wireshark PC, follow the steps below. In the commands, user@remote-host is a placeholder for your own SSH login and host.

  • Before we start monitoring, we will need to give tcpdump permission to capture raw packets.

    By logging in with username and password:

    "C:\Program Files (x86)\PuTTY\plink.exe" -ssh -t -pw password user@remote-host setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump

    By logging in with a key:

    "C:\Program Files (x86)\PuTTY\plink.exe" -ssh -t -i "S:\mykey.pub" user@remote-host setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump

  • To monitor your remote Linux box, connecting with a username and password:

    "C:\Program Files (x86)\PuTTY\plink.exe" -ssh -pw password user@remote-host tcpdump -n -nn -s 0 -U -w - -i eth0 | "C:\Program Files\Wireshark\wireshark.exe" -i - -k

  • To monitor your remote Linux box, connecting with a key:

    "C:\Program Files (x86)\PuTTY\plink.exe" -ssh -i "S:\mykey.pub" user@remote-host tcpdump -n -nn -s 0 -U -w - -i eth0 | "C:\Program Files\Wireshark\wireshark.exe" -i - -k

You just have to configure the SSH settings in that window to get Wireshark to log in and run tcpdump. You can leave the capture command empty and it will capture on eth0.
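An added example, not part of the original post: Wireshark rejects the piped stream when anything other than tcpdump's pcap output reaches stdout, such as a login banner or the line-ending translation that plink's -t pseudo-terminal introduces. The Python filter below checks the 24-byte pcap header before passing data on. The function names, the sample bytes and the "not tcp port 22" filter (which keeps the SSH session carrying the capture out of the capture itself) are assumptions of this example.

```python
import shlex
import struct
import sys

# pcap global-header magic -> (struct byte order, timestamp resolution)
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", "microsecond"),
    b"\xa1\xb2\xc3\xd4": (">", "microsecond"),
    b"\x4d\x3c\xb2\xa1": ("<", "nanosecond"),
    b"\xa1\xb2\x3c\x4d": (">", "nanosecond"),
}

def remote_tcpdump_command(interface="eth0", ssh_port=22):
    """The page's tcpdump invocation plus a filter (an addition, not from the
    page) that keeps the SSH session carrying the capture out of the capture."""
    return "tcpdump -n -nn -s 0 -U -w - -i %s not tcp port %d" % (
        shlex.quote(interface), int(ssh_port))

def check_pcap_stream(head):
    """Parse the 24-byte pcap global header; raise ValueError if the stream
    does not start with one (banner, prompt or error text on stdout)."""
    if len(head) < 24:
        raise ValueError("stream ended after %d bytes: %r" % (len(head), head))
    if head[:4] not in PCAP_MAGICS:
        raise ValueError("not a pcap stream, starts with %r" % head[:16])
    order, resolution = PCAP_MAGICS[head[:4]]
    major, minor, _zone, _sigfigs, snaplen, network = struct.unpack(
        order + "HHiIII", head[4:24])
    return {"version": (major, minor), "resolution": resolution,
            "snaplen": snaplen, "linktype": network & 0xFFFF}

# Constructed samples: a little-endian Ethernet pcap header, and the same
# header preceded by a login banner that leaked into stdout.
GOOD_HEAD = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
BAD_HEAD = (b"Last login: (constructed)\r\n" + GOOD_HEAD)[:24]

def main():
    """Filter for the pipe: plink ... | python this_file.py | wireshark -i - -k"""
    src, dst = sys.stdin.buffer, sys.stdout.buffer
    head = src.read(24)
    print(check_pcap_stream(head), file=sys.stderr)  # raises before Wireshark sees junk
    dst.write(head)
    while chunk := src.read1(65536):
        dst.write(chunk)
        dst.flush()

if __name__ == "__main__":
    main()
```

If the check fails, the error message shows the first bytes that arrived, which usually identifies the banner or prompt that has to be silenced on the remote side.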












