Ethereal-users: Re: [Ethereal-users] how to sniff a remote moachine

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <guy@xxxxxxxxxx>
Date: Fri, 18 May 2001 13:25:42 -0700 (PDT)
> Is it possible to sniff the packets of a remote machine with ethereal?

The code in Ethereal that sniffs packets itself can only sniff packets
on the machine on which it's running.

However, if you run a program on a remote machine that writes a capture
file to its standard output (e.g. if you do

	rsh <remote machine> tcpdump -s 65535 -i <interface> -w -

) and redirect the output of that to a FIFO file, and then run Ethereal
with a capture "device" that's the pathname of that FIFO file, Ethereal
will be able to read the capture from that FIFO file.