Wireshark Remote Capture using X-Forwarding

Because I was not very satisfied with the results of googling “wireshark remote capture x forwarding”, I wrote this little tutorial for my happiness.

1. To enable X11 forwarding on the server you need at least the xauth  program.
On the remote server install the following:

apt-get install xserver-xorg

apt-get install xbase-clients

apt-get install wireshark

2. on local machine:

# ssh -X root@remotemachine
# wireshark

3. Go to Capture > Options > Interface > Pseudo-Device

Advertisements

One comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s