yup. use tcpdump on the remote machine to create a pcap file like so tcpdump -i eth0 -n -s0 -w file.cap then just copy that file over and read it with ethereal. Al Sparks wrote: > This may be off topic, but I think my ethereal question might be simple enough. > > I am presently compiling ethereal on a CentOS platform to check it out. > > But the packets I want to monitor are actually on a different CentOS platform, and I'd rather not install Ethereal on it, if for no other reason I don't have X-Windows installed on that platform. > > My question is, can I monitor/write packets to a file on the more remote machine, and then analyze the packets on another machine using my ethereal SW? > > Can I sniff the packets on the remote w/o a full install of ethereal? > === Al > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos