On Nov 28, 2007 7:42 AM, Kieran McCarthy wrote: > > > > > Hi guys > > > > I'm trying to track down a hacker(s) who attempts to hack into one of my > servers at night between 1 and 3 am GMT. What I'd like to be able to do is > to run wireshark as a scheduled task to start capturing packets at 1am and > finish at 3am. Is there currently anyway to do this without resorting to a > script? Hope you can help as it will save me a few late nights! > > > > Kieran
Use tshark instead (http://www.wireshark.org/docs/man-pages/tshark.html). Try -aduration:10800 (3 hours in seconds) For writing the results to a file, you can either redirect the output with '>' for decoded stuff or just use '-w' to write it out raw so you can open it with Wireshark later. -Jason -- NOTICE: Reading this email message requires root privileges which you do not appear to possess. Sorry, dude. _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
