[CentOS] Capturing Packets -- Ethereal

Thu Jan 17 14:13:13 UTC 2008
Milton Calnek <milton at calnek.com>


Chris Boyd wrote:
> On Wed, 2008-01-16 at 15:31 -0800, Al Sparks wrote:
>>>> From: Milton Calnek <milton at calnek.com>
>>> To: CentOS mailing list <centos at centos.org>
>>> Sent: Wednesday, January 16, 2008 12:50:47 PM
>>> Subject: Re: [CentOS] Capturing Packets -- Ethereal
>>>
>>> The thing to do is to install wireshark on the system without X.
>>>
>>> Then from a machine with X:
>>> ssh -Xf user at macine.without.x wireshark
>> Yours is the coolest answer, though the others were also helpful.
> 
> It's cool, but you have to contend with the traffic generated by the ssh
> and X session overhead in your display and/or captured data, or exclude
> the IP address of the X server from display.  This may or may not be an
> issue for you.

Yah, thats a good point. X generates a lot of traffic.  If you're not on 
the localnet, you may not be able use this method.

In which case you should look into nx.  It allows you to make X 
connections over lower speed networks, but it may require that you run X 
on the remote machine... I don't have much experience with it (one of 
these days).

-- 
Milton Calnek BSc, A/Slt(Ret.)
milton at calnek.com
306-717-8737


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.