Solved

how to capture remote computer ip using wireshark

Posted on 2011-03-16
8
1,126 Views
Last Modified: 2012-05-11
I want to capture a remote computer's ip address using wireshark.
By default the wireshark's capture option displays only the local computers ip address.
I have the option of using wireshark on both linux and windows.
0
Comment
Question by:pvinodp
8 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35154108
On my copy of WireShark 1.2.0, there are two columns labeled 'Source' and 'Destination' and both IPs are clearly shown.
0
 

Author Comment

by:pvinodp
ID: 35154135
Hi Dave,
I think you are talking about the screen on which you see the output after/while capturing.
I am refereing to the option of capturing the packets from a remote machine. I mean the traffic at the remote machine's ipaddress.
By default [when u click Capture->Interfaces] you only see the ipaddress of your local computer. Can I change it is there any other option to capture the packets at a remote system.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35154145
No, you can't capture from the other end.  That would require access to the device driver on the other machine.  Unless you are able to login to that machine, you can't get that kind of access.
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 

Author Comment

by:pvinodp
ID: 35154265
hi
I can ssh to that system. Will that help?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35154287
Only if that will allow you to run Wireshark on that machine.  Wireshark only works on the machine that it is running on.
0
 
LVL 12

Expert Comment

by:profgeek
ID: 35156350
Is the remote system in your network?  If so, you could try placing a system with Wireshark  connected to a hub, and capture all network traffic.  
0
 
LVL 4

Accepted Solution

by:
undersky earned 500 total points
ID: 35158677
You can't Capture packets on remote server (only if u not hacked it)

 btw, if u have ssh, and login, you can run tcpdamp in ssh session

in linux it's look like

 #tcpdamp -i eth0  (0,1,2,3....* -number of intreface, if u have only one, just use "eth0"), so if u want logging all tcp packets, you need Both machines running on Linux, so u can use

ssh -X distanation

and then run wireshark in terminal, they run as your own, but before start recive packets, filter ssh, or u flooded by your own packages.

other way u can run tcpdamp and save all in file, then just read it..

looks like

# touch tcp.log
# tcpdamp -i eth0 |grep "here your filter rulz(no grep if want all packages WARN (you can overflood self)" &>> tcp.log
0
 

Author Closing Comment

by:pvinodp
ID: 35324983
Thanks for your inputs
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
App holding yum lock unable to update my rpm package 1 72
voice vlan on meraki using 3CX 3 103
Allow dynamic IP address to become static. 5 47
using BGP Attributes 2 108
Introduction Many times we come across a slowness or instability between two hosts, and almost always we blame the poor networking guys, just because they're an easy target.  Sometimes we forget that other factors including disk bottlenecks, CPU …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question