This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Is there any tshark command to capture packets on a remote(windows) PC

0

Hi, i am trying to capture packets on a remote (windows)machine from my linux machine. please suggest me a tshark command to capture packets on a remote windows interface.

asked 04 Feb '13, 01:50

anil1982's gravatar image

anil1982
11112
accept rate: 0%

One Answer:

1

Please read the wiki about remote capturing. Quick hint: You need to start rpcapd (WinPcap install directory) on Windows

http://www.winpcap.org/docs/docs_40_2/html/group__remote.html

and then add "Remote Interfaces" in Wireshark.

http://www.wireshark.org/docs/wsug_html_chunked/ChCapInterfaceRemoteSection.html

Regards
Kurt

answered 05 Feb '13, 13:43

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%