On Sunday 15 June 2008, Mike Bird wrote: > On Sun June 15 2008 20:31:32 Hal Vaughan wrote: > > On Sunday 15 June 2008, Mike Bird wrote: > > > On Sun June 15 2008 20:16:19 Hal Vaughan wrote: > > > > Is there any program (I couldn't find one) that I can run on > > > > this computer, via SSH, that will give me packet info I can > > > > scan in the same way I do with Wireshark when I've got X on a > > > > system? > > > > > > tshark can display packets in realtime or capture to a pcap file > > > which can be copied across the network for display in wireshark. > > > > I'm looking into that. Unfortunately it's not in Sarge. I have > > found a few since I posted by changing my search terms. (I tend to > > always pick what sounds like good search terms that don't give me > > good hits!) > > > > I just started looking at tcpdump, but I'm not sure if it'll give > > more than packet headers. Unfortunately, I need to get this done > > tonight and this is the big hold up -- once I clear this, the rest > > will be easy, so it's one of those cases where I'm hoping I can > > find an easy to use tool that I don't have to spend hours learning > > how to configure. > > I don't have any systems running Sarge but the Packages file in the > repository says that Sarge includes tethereal, which was tshark > before the name change. > > I used to use tcpdump and it was pretty good but these days the > ethereal/wireshark family seem to do a better job of analyzing > packets.
After your suggestion, I did find tethereal, but it doesn't seem to have as much as tshark. I found it in the Sarge backports, along with wireshark-common, which it needed. I got it up and running, dumped the output to a file and loaded it in with Wireshark on my workstation, so it's doing what I need now. Thanks! Hal -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
