Ask Your Question
0

Running Wireshark on a Remote Server: CentOS Linux 6.9

asked 2018-11-29 13:25:59 +0000

Dave-London gravatar image

updated 2018-11-29 13:27:39 +0000

I am sure this must have been asked before, however my search didn't come up with a helpful answer.

I am in the UK and I lease a dedicated server in the USA. So I have used pUTTY to login to my server and use yum to install Wireshark.

My server is running: CentOS Linux 6.9 Perl version 5.010001 Apache version 2.2.15 PHP versions 5.3.3 MySQL version 5.1.73.

How do I "see" the traffic that Wireshark is detecting on my Windows10 PC here in the UK ?

If necessary I can run a virtual linux box with VMware.

Do I use a client software running here in my windows pc to connect to the server?

Any help would be very much appreciated.

If there is documentation for this in the docs, and I have missed it please send me a link.

Many Thanks. Dave

edit retag flag offensive close merge delete

Comments

Are you attempting to capture traffic on the server and view it on your desktop?

grahamb gravatar imagegrahamb ( 2018-11-29 15:22:00 +0000 )edit
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-11-29 15:05:25 +0000

Malloy gravatar image

Hi Dave, Are you trying to see the traffic between your computer in the UK and the leased computer in the USA? If so, and assuming you only want to see that traffic, you can run Wireshark so it only records that traffic.

Launch Wireshark on the leased server. In the middle of the screen it says "Capture...using this filer:". Get the IP address from your local computer, and enter "host 192.168.1.35" or whatever your actual IP address is.

Then, when you start the capture, Wireshark will only show the traffic between your computer and the server.

Alternatively, you can install and run Wireshark on your computer in the UK, for the host filter use the IP for the remote server, and do the same thing. Depending on what you are trying to do you might want one, or the other, or both.

FYI - you can also use the FQDN instead of the IP address. For instance, "host myserver.hostedhere.com" instead of "host 192.168.1.35".

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2018-11-29 13:25:59 +0000

Seen: 479 times

Last updated: Nov 29 '18

Related questions

Monitoring UDP data on wireshark shows ARP packet

Stream Capture to a host like Mikrotik - TZSP - UDP Encapsulated

After upgrade to version 2.6.1 remote capture no longer works.

RST packets sent by both client and server during file transfer

What is the position of WinPcap within a Windows server 2016 network stack?

What is wrong with this sequence of TCP 3 way handshake?

How to distribute access? USB [closed]

Technique to monitor TCP SYN requests to the web server with wireshark output

Why my server does not respond to client's [SYN]?

MDaemon Windows Server SSL Certificates

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2