



For diagnostic purposes, it might sometimes be necessary to perform a remote capture of network traffic on some Linux box. It comes in handy that we can do this remotely from a laptop running Windows and Wireshark; this way we don't need to first create a packet capture file and then transfer it to our computer. Instead, this procedure connects over SSH to the remote Linux host, starts tcpdump there, redirects its output in real time over the SSH connection to our Windows machine and feeds it into Wireshark. The tools we are using for this on Windows are plink.exe (known from the PuTTY suite of tools), tcpdump and Wireshark.

By logging in with username and password:

Before we start monitoring, we will need to give tcpdump permission to capture raw packets:
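The complete pipeline described above, as an added example that is not part of the original post: a cmd.exe batch script that runs tcpdump on the Linux host through plink.exe and pipes the pcap stream straight into Wireshark. The host name, user name, interface, key file and Wireshark path are assumed values, and it uses key-based login (plink's `-i`) rather than the username/password login the post describes.

```batch
@echo off
REM Added example, not from the original post. Assumed values: host
REM "linuxbox.example.com", user "diag", interface "eth0", a PuTTY key file
REM and the default Wireshark install path. Run from cmd.exe, not from Windows
REM PowerShell: the classic PowerShell pipeline re-encodes native command
REM output as text and corrupts the binary pcap stream.

set REMOTE_HOST=linuxbox.example.com
set REMOTE_USER=diag
set IFACE=eth0
set KEYFILE="%USERPROFILE%\.ssh\diag.ppk"
set WIRESHARK="C:\Program Files\Wireshark\Wireshark.exe"

REM One-time preparation on the Linux box (run once as root there, not from
REM Windows): grant the tcpdump binary the capabilities it needs to open raw
REM sockets, so the capture can run under an unprivileged account instead of
REM a root login:
REM   setcap cap_net_raw,cap_net_admin=eip "$(command -v tcpdump)"

REM plink.exe flags:
REM   -batch       never prompt; fails instead of hanging if the host key is
REM                unknown (accept the key once interactively beforehand)
REM   -i KEYFILE   key-based login; the post's variant uses -l USER -pw PASS,
REM                which exposes the password in the local process list
REM tcpdump flags (run on the remote host):
REM   -U           flush every packet immediately, so Wireshark shows it live
REM   -s 0         capture full packet length
REM   -n           no name resolution on the remote side
REM   -w -         write pcap to stdout instead of a file
REM   not port 22  exclude our own SSH session; without this filter every
REM                forwarded packet is captured again and the stream feeds
REM                on itself
REM Wireshark flags:
REM   -k           start capturing immediately
REM   -i -         read the capture from standard input
plink.exe -batch -ssh -i %KEYFILE% %REMOTE_USER%@%REMOTE_HOST% "tcpdump -U -s 0 -n -i %IFACE% -w - not port 22" | %WIRESHARK% -k -i -
```

Wireshark closes the pipe when you stop the capture, which ends the plink session and the remote tcpdump with it.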
