Using the powers of Wireshark for capturing data on the wire.
There are many different ways to capture data with Wireshark. Below are some capture examples that I have used over the years and that have proven helpful.
Simple capture excluding SSH and DNS traffic:
tcpdump -i eth0 -s0 port not 22 and port not 53
Capturing from a remote host with a Mac:
- Create your pipe with
- Run wireshark with
wireshark -k -i capturefile &
- Start your capture with `ssh [email protected] "tcpdump -i eth0 -p -n -s0 -w - port 80" > capturefile`
Wireshark should now be able to report the contents of the capture.
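The three steps above as one script, given here as an added example that is not part of the original page. Assumptions: the pipe is created with `mkfifo` (the first step above lists no command), SSH runs on port 22, the function names are hypothetical, and the remote host is whatever `user@host` you pass in. It also appends `not port 22` to the filter, as in the first example, so a broad filter does not capture the SSH session that is carrying the packets.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.
# Usage: sh remote-capture.sh REMOTE IFACE [FILTER]   (REMOTE is your own user@host)

# Accept only characters a simple BPF expression needs, because the filter is
# re-parsed by the remote shell; then exclude the SSH port carrying the capture.
capture_filter() {    # $1 = filter (may be empty), $2 = SSH port
    bad=$(printf '%s' "$1" | tr -d 'A-Za-z0-9 ().:/_-')
    if [ -n "$bad" ]; then
        echo "unsupported characters in filter: $bad" >&2
        return 1
    fi
    if [ -n "$1" ]; then
        printf '(%s) and not port %s\n' "$1" "$2"
    else
        printf 'not port %s\n' "$2"
    fi
}

# Create the pipe inside a private directory so other local users cannot read
# the packet stream. Prints the pipe's path.
make_fifo() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/wscap.XXXXXX") || return 1
    mkfifo -m 600 "$dir/capturefile" || return 1
    printf '%s\n' "$dir/capturefile"
}

run_capture() {       # $1 = remote, $2 = interface, $3 = optional filter
    case $2 in *[!A-Za-z0-9._-]*) echo "bad interface name" >&2; return 1 ;; esac
    filter=$(capture_filter "${3:-}" 22) || return 1   # assumes SSH on port 22
    fifo=$(make_fifo) || return 1
    trap 'rm -rf "$(dirname "$fifo")"' EXIT
    wireshark -k -i "$fifo" &                          # reader side of the pipe
    # -U (packet-buffered output) is an addition so packets show up promptly.
    ssh "$1" "tcpdump -i $2 -p -n -s0 -U -w - '$filter'" > "$fifo"
}

# Nothing is launched unless a remote host and interface are given.
if [ "$#" -ge 2 ]; then
    run_capture "$@"
fi
```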