Re: Monitoring Net Traffic From the Console or Another Comptuer

[Hal Vaughan <hal@thresholddigital.com>]

On Monday 16 June 2008, Douglas A. Tutty wrote:
> On Sun, Jun 15, 2008 at 11:16:19PM -0400, Hal Vaughan wrote:
> > Is there any program (I couldn't find one) that I can run on this
> > computer, via SSH, that will give me packet info I can scan in the
> > same way I do with Wireshark when I've got X on a system?
> >
> > And if that doesn't work, is there a way to get Wireshark to read
> > what goes between other NICs?
> >
> > The workstation is the only computer on the LAN with X, so I can't
> > run Wireshark on any server or firewall system.
>
> Why not put wireshark on the target box, set up ssh with
> X-forwarding, run wireshark on the server from the workstation via
> xterm sshing to the target box?  It will run on the server but
> display on the workstation.

I thought of that, but figured I'd run into a lot of dependency issues.  
I didn't follow the entire tree, but I know Ethereal (the target box is 
still on Sarge for a while longer) needs gtk, and I haven't checked 
from there just what other graphic packages or such it needed.

Also I'd have to change my settings on the workstation, since I'm logged 
in to the target box under a different username and I remember that I'd 
have to dig into the X config somewhere to let X display a program run 
under a different user name than the one I'm logged in as.

Thanks for the idea, but for now tshark is handling it.  Unfortunately, 
I missed the deadline.  The system I was working with went down for 
upkeep at midnight and today my system is doing work until at least 
5:30 so I have to leave it alone until then.


Hal