PaulDotCom mailing list archives
Re: Remote Traffic Sniff with wireshark.
From: Michael Lubinski <michael.lubinski () gmail com>
Date: Thu, 15 Sep 2011 08:27:48 -0500
+1 for not knowing that feature. Thanks. On Sep 13, 2011 2:20 PM, "Erik Hjelmvik" <erik.hjelmvik () gmail com> wrote:
You'll need to have an RPCAP agent running on the remote client from where you wanna sniff traffic: http://rpcap.sourceforge.net/ This RPCAP is something old built on top of Sun RPC. I don't think many people are using it today. It would be much better if tcpdump, dumpcap and Wireshark could implement native support for Pcap-over-IP instead, as described here:
http://www.netresec.com/?page=Blog&month=2011-09&post=Pcap-over-IP-in-NetworkMiner
Pcap-over-IP is a really nice way of doing lice sniffing from a remote device, such as a firewall. /erik 2011/9/13 Adrian Crenshaw <irongeek () irongeek com>:Crud, I've never used that function. Thanks for letting me know about it. Adrian On Tue, Sep 13, 2011 at 9:19 AM, Larry McDonald <larrymcdonald () uhost org> wrote:
http://www.wireshark.org/docs/wsug_html_chunked/ChCapInterfaceRemoteSection.html
hmmm maybe it does. On Tue, Sep 13, 2011 at 7:50 AM, Adrian Crenshaw <irongeek () irongeek com> wrote:Not sure I follow you, but you can only sniff local traffic in your collision domain unless you pull off some other shenanigans. May be
some
network layer stuff you can do to get the traffic coming to you, but
that
depends on the scenario. Is this IP on the same LAN? Adrian On Tue, Sep 13, 2011 at 3:10 AM, Mohsen Mostafa Jokar <mohsenjokar () gmail com> wrote:Hello All. I want sniffing a remote traffic with Wireshark, when in capture
option
i select remote interface and enter my remote ip show me
error.code(10061).
what should i do? Thanks. Best Regards. _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- "The ability to quote is a serviceable substitute for wit." ~ W.
Somerset
Maugham _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Larry McDonald _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- "The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Remote Traffic Sniff with wireshark. Mohsen Mostafa Jokar (Sep 13)
- Re: Remote Traffic Sniff with wireshark. Adrian Crenshaw (Sep 13)
- Re: Remote Traffic Sniff with wireshark. Larry McDonald (Sep 13)
- Re: Remote Traffic Sniff with wireshark. Adrian Crenshaw (Sep 13)
- Re: Remote Traffic Sniff with wireshark. Dancing Dan (Sep 13)
- Re: Remote Traffic Sniff with wireshark. Erik Hjelmvik (Sep 13)
- Re: Remote Traffic Sniff with wireshark. Michael Lubinski (Sep 15)
- Re: Remote Traffic Sniff with wireshark. Sven Aluoor (Sep 17)
- Re: Remote Traffic Sniff with wireshark. Larry McDonald (Sep 13)
- Re: Remote Traffic Sniff with wireshark. Adrian Crenshaw (Sep 13)