Ask Your Question
0

Running Wireshark on a Remote Server: CentOS Linux 6.9

asked 2018-11-29 13:25:59 +0000

Dave-London gravatar image

updated 2018-11-29 13:27:39 +0000

I am sure this must have been asked before, however my search didn't come up with a helpful answer.

I am in the UK and I lease a dedicated server in the USA. So I have used pUTTY to login to my server and use yum to install Wireshark.

My server is running: CentOS Linux 6.9 Perl version 5.010001 Apache version 2.2.15 PHP versions 5.3.3 MySQL version 5.1.73.

How do I "see" the traffic that Wireshark is detecting on my Windows10 PC here in the UK ?

If necessary I can run a virtual linux box with VMware.

Do I use a client software running here in my windows pc to connect to the server?

Any help would be very much appreciated.

If there is documentation for this in the docs, and I have missed it please send me a link.

Many Thanks. Dave

edit retag flag offensive close merge delete

Comments

Are you attempting to capture traffic on the server and view it on your desktop?

grahamb gravatar imagegrahamb ( 2018-11-29 15:22:00 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-11-29 15:05:25 +0000

Malloy gravatar image

Hi Dave, Are you trying to see the traffic between your computer in the UK and the leased computer in the USA? If so, and assuming you only want to see that traffic, you can run Wireshark so it only records that traffic.

Launch Wireshark on the leased server. In the middle of the screen it says "Capture...using this filer:". Get the IP address from your local computer, and enter "host 192.168.1.35" or whatever your actual IP address is.

Then, when you start the capture, Wireshark will only show the traffic between your computer and the server.

Alternatively, you can install and run Wireshark on your computer in the UK, for the host filter use the IP for the remote server, and do the same thing. Depending on what you are trying to do you might want one, or the other, or both.

FYI - you can also use the FQDN instead of the IP address. For instance, "host myserver.hostedhere.com" instead of "host 192.168.1.35".

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-11-29 13:25:59 +0000

Seen: 522 times

Last updated: Nov 29 '18