Wireshark remote capture on Linux server
1) Create a tcpdump group, add the capture user to it, and restrict the tcpdump binary to that group
groupadd tcpdump
addgroup <username> tcpdump
chown root:tcpdump /usr/sbin/tcpdump
chmod 0750 /usr/sbin/tcpdump
setcap "CAP_NET_RAW+eip" /usr/sbin/tcpdump
2) Set up passwordless access (with an SSH key)
ssh-copy-id <username>@remotehost
3) Start the capture
wireshark '-oextcap.sshdump.remotehost:"remotehost"' -i sshdump -k
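A check that step 1 left the binary in the intended least-privilege state (owner root:tcpdump, mode 750, only cap_net_raw), accepting both getcap output formats. This is an added example, not part of the original gist; the function names and the sample values are hypothetical.

```shell
#!/bin/sh
# Added example: audit the tcpdump privilege setup from step 1.
# Function names are hypothetical; the sample line at the bottom is constructed.

# normalise_caps PATH GETCAP_LINE -> prints "caps=flags" (empty if none).
# libcap prints either "/path = cap_net_raw+eip" (older releases)
# or "/path cap_net_raw=eip" (newer releases).
normalise_caps() {
    spec=${2#"$1"}      # drop the leading path
    spec=${spec# }      # drop the separator space
    spec=${spec#= }     # drop the old-style "= "
    case $spec in
        *=*) ;;                                 # already "caps=flags"
        *+*) spec="${spec%%+*}=${spec#*+}" ;;   # old "caps+flags"
    esac
    printf '%s\n' "$spec"
}

# audit_tcpdump OWNER:GROUP MODE GETCAP_LINE [PATH]
# Prints one finding per line; returns 0 only when there are no findings.
audit_tcpdump() {
    owner=$1 mode=$2 capline=$3 path=${4:-/usr/sbin/tcpdump}
    rc=0
    [ "$owner" = "root:tcpdump" ] ||
        { echo "owner is $owner, expected root:tcpdump"; rc=1; }
    # 750 = no access for "other"; a leading 4 or 2 would mean setuid/setgid
    [ "$mode" = "750" ] ||
        { echo "mode is $mode, expected 750"; rc=1; }
    caps=$(normalise_caps "$path" "$capline")
    # Any extra capability (for example cap_net_admin) is reported as well
    [ "$caps" = "cap_net_raw=eip" ] ||
        { echo "capabilities are '${caps:-none}', expected cap_net_raw=eip"; rc=1; }
    return $rc
}

# audit_live [PATH]: collect the values on the server itself
# (GNU stat and getcap from libcap are assumed to be installed).
audit_live() {
    p=${1:-/usr/sbin/tcpdump}
    audit_tcpdump "$(stat -c '%U:%G' "$p")" "$(stat -c '%a' "$p")" \
                  "$(getcap "$p")" "$p"
}

# Constructed sample: a stock install before step 1 has been applied.
audit_tcpdump root:root 755 "" || echo "-> step 1 not applied"
```

On the server, run `audit_live` as root after step 1; no output and exit status 0 mean the binary matches the setup above.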