Hi,
> Yesterday i had installed wireshark on my centos box which does not have
> the GUI , It is actually a hardened box. I installed the tool using the
> following command:
>
> yum install wireshark
>
> After installation i dont know how to proceed further in capturing the
> packets. I basically want to capture packets and copy them onto my
> windows box. On the windows box i can use the Wireshark UI to open the
> pcap file to view its contents.
Wireshark in cli mode is called tshark.
With 'tshark -i eth0 -w outfile' captures all traffic on eth0 to outfile.
Regards,
Michel