how to capture remote computer ip using wireshark

I want to capture a remote computer's ip address using wireshark.
By default the wireshark's capture option displays only the local computers ip address.
I have the option of using wireshark on both linux and windows.
pvinodpAsked:
Who is Participating?
 
underskyConnect With a Mentor Commented:
You can't Capture packets on remote server (only if u not hacked it)

 btw, if u have ssh, and login, you can run tcpdamp in ssh session

in linux it's look like

 #tcpdamp -i eth0  (0,1,2,3....* -number of intreface, if u have only one, just use "eth0"), so if u want logging all tcp packets, you need Both machines running on Linux, so u can use

ssh -X distanation

and then run wireshark in terminal, they run as your own, but before start recive packets, filter ssh, or u flooded by your own packages.

other way u can run tcpdamp and save all in file, then just read it..

looks like

# touch tcp.log
# tcpdamp -i eth0 |grep "here your filter rulz(no grep if want all packages WARN (you can overflood self)" &>> tcp.log
0
 
Dave BaldwinFixer of ProblemsCommented:
On my copy of WireShark 1.2.0, there are two columns labeled 'Source' and 'Destination' and both IPs are clearly shown.
0
 
pvinodpAuthor Commented:
Hi Dave,
I think you are talking about the screen on which you see the output after/while capturing.
I am refereing to the option of capturing the packets from a remote machine. I mean the traffic at the remote machine's ipaddress.
By default [when u click Capture->Interfaces] you only see the ipaddress of your local computer. Can I change it is there any other option to capture the packets at a remote system.
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

 
Dave BaldwinFixer of ProblemsCommented:
No, you can't capture from the other end.  That would require access to the device driver on the other machine.  Unless you are able to login to that machine, you can't get that kind of access.
0
 
pvinodpAuthor Commented:
hi
I can ssh to that system. Will that help?
0
 
Dave BaldwinFixer of ProblemsCommented:
Only if that will allow you to run Wireshark on that machine.  Wireshark only works on the machine that it is running on.
0
 
profgeekCommented:
Is the remote system in your network?  If so, you could try placing a system with Wireshark  connected to a hub, and capture all network traffic.  
0
 
pvinodpAuthor Commented:
Thanks for your inputs
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.