Santiago's profile - activity

2020-12-04 08:48:05 +0000 marked best answer Wireshark ssh capture (plink + tcpdump)

Hello everyone,

So I'm trying to capture traffic from a remote system but I get no packets on Wireshark.

The scenario is:

Windows10 --> SSH to Linux --> SSH to QNX

I have to capture traffic from the QNX system and, in order to do that, I need to go through the Linux system.

So this is the command that I'm using (from Wireshark directory):

"c:/Program Files/Putty/plink.exe" -ssh -batch [email protected] "ssh -q [email protected] tcpdump -s 0 -U -i eth0 -w - 'not port 22'"|"Wireshark.exe" -k -i -

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes

It runs and I can see that it listens but no packets on Wireshark. Any ideas?

Thanks in advance!

Edit 1: Wireshark version:

C:\Program Files\Wireshark>

Wireshark 3.4.0 (v3.4.0-0-g9733f173ea5e)

Copyright 1998-2020 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.15.1, with libpcap, with GLib 2.52.3, with zlib
1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3
and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with
Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using
WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler).

Running on 64-bit Windows 10 (1809), build 17763, with Intel(R) Core(TM)
i7-9850H CPU @ 2.60GHz (with SSE4.2), with 32575 MB of physical memory, with
locale Spanish_Spain.utf8, with Npcap version 1.00, based on libpcap version
1.9.1, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with brotli 1.0.2, without AirPcap,
binary plugins supported (0 loaded).

Built using Microsoft Visual Studio 2019 (VC++ 14.27, build 29112).
2020-12-04 08:48:05 +0000 received badge  Scholar (source)
2020-12-04 08:48:03 +0000 commented answer Wireshark ssh capture (plink + tcpdump)

So, yes, my problem was with Wireshark version. It was driving me crazy, thanks man!

2020-12-03 18:35:51 +0000 commented answer Wireshark ssh capture (plink + tcpdump)

Thanks for answering. I'll test tomorrow and give feedback.

2020-12-03 15:37:28 +0000 commented question Wireshark ssh capture (plink + tcpdump)

Edited with Wireshark version output.

2020-12-03 15:36:48 +0000 received badge  Editor (source)
2020-12-03 15:36:48 +0000 edited question Wireshark ssh capture (plink + tcpdump)

Wireshark ssh capture (plink + tcpdump) Hello everyone, So I'm trying to capture traffic from a remote system but I get

2020-12-03 12:29:27 +0000 asked a question Wireshark ssh capture (plink + tcpdump)

Wireshark ssh capture (plink + tcpdump) Hello everyone, So I'm trying to capture traffic from a remote system but I get

2020-09-10 20:21:34 +0000 commented question Disable/Enable Eth adapter in order to establish communication?

The vendor indicates the disable/enable technique in their manual.. but I was hoping to figure something else out. I wil

2020-09-10 16:16:49 +0000 commented question Disable/Enable Eth adapter in order to establish communication?

The Media Converter is from Technica Engineering, although I cannot find the model in their website. It has 2 RJ45 conne

2020-09-10 07:02:24 +0000 commented question Disable/Enable Eth adapter in order to establish communication?

Hello, thanks for answering. I'm not an expert in the subject, so my terminology may be a little wrong. I'll try to make

2020-09-10 07:01:38 +0000 commented question Disable/Enable Eth adapter in order to establish communication?

Hello, thanks for answering. I'm not an expert in the subject, so my terminology may be a little wrong. I'll try to make

2020-09-10 07:00:11 +0000 commented question Disable/Enable Eth adapter in order to establish communication?

Hello, thanks for answering. I'm not an expert in the subject, so my terminology may be a little wrong. I'll try to make

2020-09-10 06:59:56 +0000 received badge  Rapid Responder (source)
2020-09-10 06:59:56 +0000 answered a question Disable/Enable Eth adapter in order to establish communication?

Hello, thanks for answering. I'm not an expert in the subject, so my terminology may be a little wrong. I'll try to make

2020-09-10 06:26:33 +0000 asked a question Disable/Enable Eth adapter in order to establish communication?

Disable/Enable Eth adapter in order to establish communication? I'm using a Media Converter (1000BASE-T1 --> 1000BASE

2020-09-10 06:26:33 +0000 asked a question Disable/enable Eth adapter in order to capture?

Disable/enable Eth adapter in order to capture? I'm using a Media Converter (1000BASE-T1 --> 1000BASE-T) to read an E