January 13, 2010

Monitor Wireshark Capture (Real-Time) on Remote Host via SSH

Have you thought... "man, it would be nice if I could watch a real-time packet capture on a remote linux host, and oh by the way, I don’t want to stare at some black and white tcpdump or tshark screen either." As long as both your source and remote hosts are running X11 gui and the remote host has wireshark installed, then go to the terminal and type the following:

sudo ssh -Y remoteuser@remotehost sudo wireshark

Read More