Secure PCAP-over-IP with Wireshark? Like with socat?
This article https://www.netresec.com/?page=Blog&m... in the FAQ section mentions about encrypting the PCAP transmission over the network. And suggested use of socat, but didn't present any examples.
I am curious to whether Wireshark, natively, or by combining with additional tools, can support reading PCAP-over-IP that is encrypted. And what that deployment setup might look like.
Whether using Wireshark with socat somehow like how it can be used with netcat, or with the TCP@ip:port interface syntax. e.g. for netcat like "nc -l 57012 | wireshark -i -" and sender side like "tcpdump -i any -w - not tcp port 57012 | nc 192.168.1.2 50712" where the IP is the wireshark host and sender is a different remote host
How could the setup on send and receive side be done replacing netcat with socat or another tool? I did a brief look, seems socat (on macOS) has different CLI options compared to netcat. Or does it require some certain versions of socat for the TLS support?
For using ncat as alternative, I see CLI options for SSL, so assume can work with that. But wanted to ask about socat in case can't use ncat for example.
