On Wed, 2008-01-16 at 15:31 -0800, Al Sparks wrote: > > > From: Milton Calnek <milton at calnek.com> > > To: CentOS mailing list <centos at centos.org> > > Sent: Wednesday, January 16, 2008 12:50:47 PM > > Subject: Re: [CentOS] Capturing Packets -- Ethereal > > > > The thing to do is to install wireshark on the system without X. > > > > Then from a machine with X: > > ssh -Xf user at macine.without.x wireshark > > Yours is the coolest answer, though the others were also helpful. It's cool, but you have to contend with the traffic generated by the ssh and X session overhead in your display and/or captured data, or exclude the IP address of the X server from display. This may or may not be an issue for you. --Chris