Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

how to capture remote computer ip using wireshark

Posted on 2011-03-16
8
Medium Priority
?
1,162 Views
Last Modified: 2012-05-11
I want to capture a remote computer's ip address using wireshark.
By default the wireshark's capture option displays only the local computers ip address.
I have the option of using wireshark on both linux and windows.
0
Comment
Question by:pvinodp
8 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 35154108
On my copy of WireShark 1.2.0, there are two columns labeled 'Source' and 'Destination' and both IPs are clearly shown.
0
 

Author Comment

by:pvinodp
ID: 35154135
Hi Dave,
I think you are talking about the screen on which you see the output after/while capturing.
I am refereing to the option of capturing the packets from a remote machine. I mean the traffic at the remote machine's ipaddress.
By default [when u click Capture->Interfaces] you only see the ipaddress of your local computer. Can I change it is there any other option to capture the packets at a remote system.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 35154145
No, you can't capture from the other end.  That would require access to the device driver on the other machine.  Unless you are able to login to that machine, you can't get that kind of access.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:pvinodp
ID: 35154265
hi
I can ssh to that system. Will that help?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 35154287
Only if that will allow you to run Wireshark on that machine.  Wireshark only works on the machine that it is running on.
0
 
LVL 12

Expert Comment

by:profgeek
ID: 35156350
Is the remote system in your network?  If so, you could try placing a system with Wireshark  connected to a hub, and capture all network traffic.  
0
 
LVL 4

Accepted Solution

by:
undersky earned 2000 total points
ID: 35158677
You can't Capture packets on remote server (only if u not hacked it)

 btw, if u have ssh, and login, you can run tcpdamp in ssh session

in linux it's look like

 #tcpdamp -i eth0  (0,1,2,3....* -number of intreface, if u have only one, just use "eth0"), so if u want logging all tcp packets, you need Both machines running on Linux, so u can use

ssh -X distanation

and then run wireshark in terminal, they run as your own, but before start recive packets, filter ssh, or u flooded by your own packages.

other way u can run tcpdamp and save all in file, then just read it..

looks like

# touch tcp.log
# tcpdamp -i eth0 |grep "here your filter rulz(no grep if want all packages WARN (you can overflood self)" &>> tcp.log
0
 

Author Closing Comment

by:pvinodp
ID: 35324983
Thanks for your inputs
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: rfc1180
The Maximum Segment size (MSS) is an important consideration when troubleshooting connectivity via the Internet/Intranet. As the packets are routed via the Internet/Intranet, the packets must traverse through multiple routers in the path between two…
Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month13 days, 13 hours left to enroll

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question