1 | initial version |
Do you have or can you load PuTTY with its utilities?
https://the.earth.li/~sgtatham/putty/0.72/htmldoc/Chapter7.html#plink
I have used plink to tcpdump on a remote machine and view locally in Wireshark. You would want to make a raw connection and pipe that into a Wireshark startup command.
Here is an example with an SSH connection. Modify to make a raw plink connection to your monitor session:
https://osqa-ask.wireshark.org/questions/23609/remote-capture-via-ssh-and-pipe
2 | No.2 Revision |
Do you have or can you load PuTTY with its utilities?
https://the.earth.li/~sgtatham/putty/0.72/htmldoc/Chapter7.html#plink
I have used plink to tcpdump on a remote machine and view locally in Wireshark. You would want to make a raw connection and pipe that into a Wireshark startup command.
Here is an example with an SSH connection. Modify to make a raw plink connection to your monitor session:
https://osqa-ask.wireshark.org/questions/23609/remote-capture-via-ssh-and-pipe
Here is an example connecting in raw mode:
C:\>plink -raw -P 22 192.168.1.1
SSH-2.0-OpenSSH_6.6.1p1 Debian-4~bpo70+1
Your string would be (filling in port and IP address for the monitor port):
plink -raw -P "Port"" "IP" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -
3 | No.3 Revision |
Do you have or can you load PuTTY with its utilities?
https://the.earth.li/~sgtatham/putty/0.72/htmldoc/Chapter7.html#plink
I have used plink to tcpdump on a remote machine and view locally in Wireshark. You would want to make a raw connection and pipe that into a Wireshark startup command.
Here is an example with an SSH connection. Modify to make a raw plink connection to your monitor session:
https://osqa-ask.wireshark.org/questions/23609/remote-capture-via-ssh-and-pipe
Here is an example connecting in raw mode:
C:\>plink -raw -P 22 192.168.1.1
SSH-2.0-OpenSSH_6.6.1p1 Debian-4~bpo70+1
Your string would be (filling in port and IP address for the monitor port):
plink -raw -P "Port"" "IP" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -
Specify a path to plink if needed.
4 | No.4 Revision |
Do you have or can you load PuTTY with its utilities?
https://the.earth.li/~sgtatham/putty/0.72/htmldoc/Chapter7.html#plink
I have used plink to tcpdump on a remote machine and view locally in Wireshark. You would want to make a raw connection and pipe that into a Wireshark startup command.
Here is an example with an SSH connection. Modify to make a raw plink connection to your monitor session:
https://osqa-ask.wireshark.org/questions/23609/remote-capture-via-ssh-and-pipe
Here is an example connecting in raw mode:
C:\>plink -raw -P 22 192.168.1.1
SSH-2.0-OpenSSH_6.6.1p1 Debian-4~bpo70+1
Your string would be (filling in port and IP address for the monitor port):
plink -raw -P "Port" "IP" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -
Specify a path to plink if needed.
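A pre-flight check for the pipeline above, as an added example that is not part of the original answer: Wireshark's `-i -` expects a capture-file stream (pcap or pcapng) on stdin, so this classifies the first bytes a raw TCP port sends, such as the SSH banner shown in the raw-mode example. It assumes the monitor port sends its file header again on each new connection; `classify_stream` and `probe` are hypothetical names.

```python
import socket
import struct
import sys

# Magic numbers that open a capture stream Wireshark can read from stdin.
PCAP_MAGICS = {0xA1B2C3D4: "pcap (microsecond)", 0xA1B23C4D: "pcap (nanosecond)"}
PCAPNG_SHB = b"\x0a\x0d\x0d\x0a"  # pcapng Section Header Block type (same in both byte orders)


def classify_stream(head: bytes) -> str:
    """Name the format implied by the first bytes of a stream."""
    if len(head) < 4:
        return "too short"
    if head[:4] == PCAPNG_SHB:
        return "pcapng"
    for order in ("<", ">"):  # the writer's byte order is not known in advance
        (magic,) = struct.unpack(order + "I", head[:4])
        if magic in PCAP_MAGICS:
            return PCAP_MAGICS[magic]
    if head.startswith(b"SSH-"):
        return "ssh banner, not a capture"
    return "unknown"


def probe(host: str, port: int, timeout: float = 5.0) -> str:
    """Connect in raw TCP mode (like plink -raw), read 4 bytes, classify them."""
    head = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            while len(head) < 4:
                chunk = s.recv(4 - len(head))
                if not chunk:  # peer closed before sending a full header
                    break
                head += chunk
        except socket.timeout:
            pass  # silent port: classify whatever arrived
    return classify_stream(head)


# Usage: python probe.py <IP> <Port>
if __name__ == "__main__" and len(sys.argv) == 3:
    print(probe(sys.argv[1], int(sys.argv[2])))
```

Anything other than a pcap or pcapng result means the `plink -raw ... | Wireshark.exe -k -i -` pipeline will hand Wireshark data it cannot parse.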