Commands from video:
Make sure Wireshark allows user to run dumpcap
sudo dpkg-reconfigure wireshark-common (choose yes)
sudo chmod +x /usr/bin/dumpcap
To Run Wireshark as root from a non-root user
sudo su -c 'wireshark -k -i <(ssh firstname.lastname@example.org -p 22 tcpdump -i mvneta0 -U -w - )'
Run as user
wireshark -k -i <(ssh email@example.com -p 222 tcpdump -i xn2 -U -w - )
Run as user, excluding Tom's computer IP of 192.168.3.9
wireshark -k -i <(ssh firstname.lastname@example.org -p 222 tcpdump -i xn2 host not 192.168.3.9 -U -w - )
Excuse my ignorance, but any way to pull the VLAN tag information using this method?
Yes, in the example below, adding the .1337 to the igb0 interface, it will only capture VLAN 1337.
wireshark -k -i <(ssh email@example.com -p 22 tcpdump -i igb0.1337 host not 192.168.3.9 -U -w - )
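An added example, not part of the original thread: ssh passes the remote command to a shell on the firewall as one string, so this sketch validates the interface name (with optional VLAN suffix) and the excluded address before building the tcpdump command line used above. The function names and `user@firewall` are hypothetical.

```shell
#!/bin/sh
# Added example: build the remote tcpdump command from validated values only.

# Accept an interface name with an optional .VLAN suffix (VLAN ID 1-4094).
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9_.]*|.*|*.|*.*.*) return 1 ;;
    esac
    case "$1" in
        *.*)
            vlan=${1#*.}
            case "$vlan" in *[!0-9]*) return 1 ;; esac
            [ "$vlan" -ge 1 ] && [ "$vlan" -le 4094 ] || return 1 ;;
    esac
    return 0
}

# Accept a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# build_capture_cmd IFACE [EXCLUDE_IP]: print the command line to run over ssh.
build_capture_cmd() {
    iface=$1
    exclude=${2:-}
    valid_iface "$iface" || { echo "bad interface: $iface" >&2; return 1; }
    cmd="tcpdump -i $iface -U -w -"
    if [ -n "$exclude" ]; then
        valid_ipv4 "$exclude" || { echo "bad address: $exclude" >&2; return 1; }
        cmd="$cmd host not $exclude"
    fi
    printf '%s\n' "$cmd"
}

# Usage from bash (user@firewall is a placeholder); nothing runs if validation fails:
#   cmd=$(build_capture_cmd igb0.1337 192.168.3.9) &&
#       wireshark -k -i <(ssh user@firewall -p 22 "$cmd")
```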
Hello, new here, just signed up. I wonder if this is possible on a Windows machine? Thanks.
While I know there is a version of Wireshark for Windows (https://www.wireshark.org/download.html), I am not sure if the tcpdump will work.
Thanks, Tom, for the reply. I'm more used to Linux distros now. I think I'll try to slowly move to that, since I'm more on managing web servers etc. at my work. Still more Windows at my workplace, but our back-end is almost Linux now.