Difference between revisions of "How to capture packets using wireshark"

From Kolmisoft Wiki
Revision as of 14:10, 17 November 2011

Wireshark is a network protocol analyzer.

To install Wireshark, run this command in a terminal:

yum install wireshark

After that, you can save a dump of packets with this command:

tshark -i eth0 -w /home/capture.pcap

Packets will be saved to the file /home/capture.pcap
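
A capture started as shown above runs until it is interrupted, and the resulting file holds every packet seen on the interface. The wrapper below is an added example, not part of the original wiki page: it stops the capture on a time or size limit, optionally applies a capture filter, and creates the file readable by its owner only. The function name `bounded_capture`, the limits and the address 192.0.2.10 are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example (not from the wiki page): bounded, owner-only packet capture.
# Function name, limits and sample values are assumptions for illustration.

# bounded_capture IFACE OUTFILE SECONDS MAX_KB [CAPTURE_FILTER]
# The body runs in a subshell, so the umask change and the variables
# below do not leak into the calling shell.
bounded_capture() (
    iface=$1 out=$2 secs=$3 max_kb=$4 filter=${5:-}

    # Reject non-numeric limits so a typo cannot start an unbounded capture.
    case $secs in
        ''|*[!0-9]*) echo "seconds must be a number" >&2; exit 2 ;;
    esac
    case $max_kb in
        ''|*[!0-9]*) echo "max_kb must be a number" >&2; exit 2 ;;
    esac

    # Never overwrite an existing capture; it may be needed as evidence.
    if [ -e "$out" ]; then
        echo "refusing to overwrite $out" >&2
        exit 3
    fi

    # -a duration:N  stop after N seconds
    # -a filesize:N  stop once the file reaches N kB
    set -- -i "$iface" -w "$out" -a "duration:$secs" -a "filesize:$max_kb"

    # Optional capture filter (pcap-filter syntax) keeps unrelated
    # traffic out of the file in the first place.
    if [ -n "$filter" ]; then
        set -- "$@" -f "$filter"
    fi

    # Captures can contain credentials and payload data: create the file
    # with mode 0600 instead of the default group/world-readable mode.
    umask 077
    tshark "$@"
)

# Example call: stop after 60 seconds or 10240 kB, whichever comes first,
# and record traffic to or from one host only (192.0.2.10 is a placeholder):
# bounded_capture eth0 /home/capture.pcap 60 10240 "host 192.0.2.10"
```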

You can copy the captured file capture.pcap from your server, open it with the Wireshark GUI and analyse the packets.

You can analyse network packets in real time on the server using the command:

tshark

More options for the tshark command can be found here: