Hi all, i'm new... i'm facing this problem for a while and i'm a bit out of ideas. Basically i'd like to intercept the packet send by a remote DSP/DSPs to a host directly connected to them via ssh. I can connect to a third host via VPN that communicate with those two parts. Please somebody help me :)... Thanks to all, Stefano asked 04 Sep '12, 03:24  stefano_r |
One Answer:
DSP/ssh/vpn? I'm afraid, but that's all a bit vague. Can you please post some more information about your network infrastructure? Something like this:
Some questions:
Regards answered 04 Sep '12, 04:46  Kurt Knochner ♦ |
Hi Kurt,
sorry for my poor explanation, yes exactly like this! Well with remote DSP i mean that i'm working in Italy while the DSPs are located in Germany, along with the what you marked as C2 host. Iìd like to be able to analyze the DSP traffic between C1 and C2......regarding the last question well...i'm not aware of the OS in those PC right now, the same for Wireshark.
Br,
Stefano
O.K. so, the "DSP" traffic (did you explain what that is?) gets tunneled through ssh. Right?
If so, you will only be able to capture ssh traffic on C1 and C2, as Wireshark will only see the network packets leaving or entering the machine. That does not help, as ssh is encrypted and Wireshark cannot decrypt it.
What happens to the data after it leaves the ssh tunnel? Is it forwarded to another system, written to disk, processed by another process?
Regarding the OS. If the OS does not support Wireshark (that's why I asked), your out of business, at least in terms of using Wireshark. ;-)