Skip to content

Tcpdump parse with Wireshark

homepage-banner

Introduction

Tcpdump and Wireshark are powerful tools for network analysis. Tcpdump captures network packets, while Wireshark provides detailed analysis of the captured packets. In this blog post, we will discuss how to make tcpdump work together with Wireshark to capture and analyze network traffic.

Capture and open with wireshark

Tcpdump is a command-line tool that captures network packets. To capture packets, you need to specify the network interface and the type of traffic you want to capture. For example, to capture all traffic on interface eth0, use the following command:

sudo tcpdump -i eth0 -w a.pcap

Using ssh and wireshark

ssh some.remote.host tcpdump -pni any -w - -s0 -U port 8888 | wireshark -k -i
Leave your message