Ethereal-dev: Re: Re: [Ethereal-dev] Remote Sniffing

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Thu, 9 Sep 2004 07:30:36 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Password-less ssh?
I just enter password when prompted.
Space?
Use tcpdump instead, with same syntax.
Ethereal wont handle fifo/pipe.
Run a stripped down ethereal with Xlib from remote sniffer to local display?

Always more than one way to do something.

On Thu, 09 Sep 2004 00:14:59 -0700 Gilad Benjamini <yaelgilad@xxxxxxxxxxxxx>
wrote:
>Interesting, but with some drawbacks
>- The remote machine must allow password-less (key based) ssh
>- The remote machine must have tethereal installed; problematic
>with a limited-space embedded system
>- The local machine cannot view capture in real time in Ethereal
>
>-----Original Message-----
>From: <jaime.fournier@xxxxxxxx>
>To: ethereal-dev@xxxxxxxxxxxx, yaelgilad@xxxxxxxxxxxxx
>Date: Wed,  8 Sep 2004 07:17:32 -0700
>Subject: Re: [Ethereal-dev] Remote Sniffing
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Yes.
>
>ssh -l root remotesniffer tethereal -i en1 -w-|tethereal -i -
>
>Your milage may vary.
>
>On Wed, 08 Sep 2004 02:43:53 -0700 Gilad Benjamini <yaelgilad@xxxxxxxxxxxxx>
>wrote:
>>Hi,
>>I have Linux running on an embedded device,
>>on which I would like to sniff traffic. Rather than
>>compiling a full-blown Ethereal, I would rather
>>capture that data and send it to another PC (probably
>>though some UDP socket). The other PC would listen
>>to this socket and would interpet the packets as
>>if they were being directly sniffed.
>>
>>Doesn't look like to much work on the PC side.
>>Question is: any chance someone did anything like
>>this in the past ?
>>
>>TIA
>>
>>_______________________________________________
>>Ethereal-dev mailing list
>>Ethereal-dev@xxxxxxxxxxxx
>>http://www.ethereal.com/mailman/listinfo/ethereal-dev
>-----BEGIN PGP SIGNATURE-----
>Note: This signature can be verified at https://www.hushtools.com/verify
>Version: Hush 2.4
>
>wkYEARECAAYFAkE/FfgACgkQFh/Ot+gyoF4f8gCcCw8rT5GhR35rU/45YxDD+QTDj9oA
>njSE3QQW+Wwcxj6op1ehcK0x2pZ/
>=Hwnd
>-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkFAankACgkQFh/Ot+gyoF4LGgCfcFwPkXakFvMaAYw3TkbROSxyWW0A
oJdoN+xHhg5rtakscUBZL1HPPJ9r
=UI6d
-----END PGP SIGNATURE-----