Hi,
Yesterday I installed Wireshark on my CentOS box, which does not have a GUI. It is actually a hardened box. I installed the tool using the following command:
yum install wireshark
After installation I don't know how to proceed further in capturing the packets. I basically want to capture packets and copy them onto my Windows box. On the Windows box I can use the Wireshark UI to open the pcap file to view its contents.
Wireshark in cli mode is called tshark.
'tshark -i eth0 -w outfile' captures all traffic on eth0 to outfile.
Regards,
Michel
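
Added example, not part of the posts above: a time-bounded tshark capture for a headless box, assuming it is administered over SSH, that keeps the administrator's own SSH session out of the pcap. The function names `ssh_exclude_filter` and `capture` are made up for this sketch; the addresses in the comments are constructed.

```shell
#!/bin/sh
# Print a BPF capture filter that excludes one SSH session.
# $1 has the format of $SSH_CONNECTION, which sshd sets to
# "client_ip client_port server_ip server_port",
# e.g. "203.0.113.5 51234 192.0.2.10 22" (constructed sample).
# Prints nothing when $1 is empty (console login: capture everything).
# Fails when $1 does not have exactly four fields.
ssh_exclude_filter() (
    [ -n "$1" ] || exit 0
    set -f                      # no glob expansion while splitting fields
    set -- $1                   # split into the four fields
    [ "$#" -eq 4 ] || exit 1
    printf 'not (host %s and tcp port %s)' "$1" "$4"
)

# usage: capture IFACE OUTFILE SECONDS
# -a duration:N stops the capture after N seconds, so an unattended
# capture cannot fill the disk; -f applies the capture filter.
capture() (
    filter=$(ssh_exclude_filter "${SSH_CONNECTION:-}") || {
        echo "unexpected SSH_CONNECTION value" >&2
        exit 1
    }
    if [ -n "$filter" ]; then
        tshark -i "$1" -a "duration:$3" -w "$2" -f "$filter"
    else
        tshark -i "$1" -a "duration:$3" -w "$2"
    fi
)

# Example call (run as a user allowed to capture on the interface):
#   capture eth0 /tmp/outfile.pcap 60
```

The resulting file can then be fetched from the Windows box over SCP or SFTP and opened in the Wireshark UI.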