Hello Everyone, I want to know whether there is any package of rpcapd (for remote capturing) for Fedora 13-64 bit? Or will any rpcapd package for 64-bit Linux work on that? Please reply!!
To the best of my knowledge rpcapd.exe is part of WinPcap and doesn't exist for Linux, so you won't find it in any repositories. There are how-to blogs out there that take you through recompiling the daemon for Linux (Like Here), but these are not guaranteed to work.

However, Linux does not need rpcapd. From the remote capture section of the Wireshark docs:

Microsoft Windows only
This dialog and capability is only available on Microsoft Windows. On Linux/Unix you can achieve the same effect (securely) through an SSH tunnel.

I suggest you google a bit and learn about SSH tunnels; this might be a quick starter for you (Linux Tunnels for Wireshark).

Cheers, Craig.

I am actually working from Local Windows machine!!
(26 Sep '12, 07:39)
baila
Have a look at plink. Or search around this forum for details on how to run cross-platform captures, I'm sure there was a similar question recently, they pointed to this: http://www.winpcap.org/docs/docs_40_2/html/group__remote.html
(26 Sep '12, 07:44)
CTNOBLE
Hi all, I have tried with Fedora 13-32 bit. I have followed the steps mentioned at http://www.pawelko.net/linux/38-Here . The rpcapd is started successfully. But when I am trying to get the interface list from my local machine, it shows "Can't get list of interfaces: The other host terminated the connection." On another Wireshark terminal I found that the authentication is successful with the remote machine. But when the local machine requests the interface list, the remote sends a "FIN,ACK" packet. Please help me [email protected]!
(30 Sep '12, 23:27)
baila
@baila: Did you provide enough capabilities to rpcapd to see any interface?
(30 Sep '12, 23:52)
Jaap ♦
"enough capabilities" means? I am running by simply "./rpcapd" on remote machine!
(30 Sep '12, 23:59)
baila
It gives the same result while I am running rpcapd on remote machine with NULL authentication!!
(01 Oct '12, 00:25)
baila
To capture on a Linux machine you need to be root.
$ sudo rpcapd
(01 Oct '12, 01:43)
CTNOBLE
I'm referring to http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
(01 Oct '12, 08:13)
Jaap ♦
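The SSH route that the answer and the plink comment point to, as an added example that is not part of the original thread: a cmd.exe batch file that streams a remote tcpdump capture into a local Wireshark instead of exposing rpcapd. The user name, host name, interface, key path and Wireshark install path are placeholders, and it assumes plink.exe is on PATH and that the remote account may run tcpdump through sudo without a password.

```bat
@echo off
rem Added example: remote capture over SSH from a Windows workstation.
rem Every value set below is a placeholder (assumption), not from the thread.
setlocal
set "REMOTE_USER=capture"
set "REMOTE_HOST=fedora-host.example"
set "REMOTE_IF=eth0"
set "KEYFILE=%USERPROFILE%\.ssh\capture.ppk"
set "WIRESHARK=%ProgramFiles%\Wireshark\Wireshark.exe"

rem Remote side:
rem   sudo -n      fail instead of prompting if the sudoers rule is missing
rem   -U           write each packet as soon as it is captured
rem   -s 0         capture whole packets
rem   -w -         write pcap data to stdout, which SSH carries back
rem   not port 22  exclude the SSH session itself, otherwise every packet
rem                sent back to Wireshark is captured again
set "REMOTE_CMD=sudo -n tcpdump -i %REMOTE_IF% -U -s 0 -w - not port 22"

rem Local side:
rem   -batch       no interactive prompts, so an unknown or changed host key
rem                aborts the connection instead of being accepted blindly
rem   -i           key-based login, no password on the command line
rem   -k -i -      Wireshark starts capturing immediately from stdin
rem Run this from cmd.exe: Windows PowerShell's pipeline treats the output
rem of native programs as text and would corrupt the binary pcap stream.
plink.exe -ssh -batch -i "%KEYFILE%" %REMOTE_USER%@%REMOTE_HOST% "%REMOTE_CMD%" | "%WIRESHARK%" -k -i -
endlocal
```

Connect once interactively beforehand so the host key is verified and cached; after that the only listening service the remote machine needs is sshd, with no rpcapd running as root or with NULL authentication.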