SFTP traffic

0	I want to monitor just for SFTP traffic. How do I do that? I'm sure there is a way to filter for just that. I've never used this product before. sftp asked 30 Jun '14, 08:09 kody6107 11●1●1●2 accept rate: 0% edited 29 Mar '15, 19:08 Guy Harris ♦♦ 17.4k●3●35●196

One Answer:

active answers oldest answers newest answers popular answers

SFTP is a file transfer protocol over SSH, at least that's my definition of it, so you would need to use a display filter for the SSH port: "tcp.port==22". Or, if you only want to capture SSH, use a capture filter: "tcp port 22". Keep in mind that SSH is encrypted, so the packets you can capture that way are of limited use.

permanent link

answered 30 Jun '14, 08:19

Jasper ♦♦
23.8k●5●51●284
accept rate: 18%

thank you... changing the capture to port 22 did the trick

(30 Jun '14, 08:54) kody6107

@kody6107

If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.

(30 Jun '14, 08:57) grahamb ♦

Your answer

toggle preview

community wiki:

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "title")
image?![alt text](/path/img.jpg "title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Question tags:

sftp ×8

question asked: 30 Jun '14, 08:09

question was seen: 13,233 times

last updated: 29 Mar '15, 19:08

SFTP traffic

Follow this question

You have a trillion packets.

You need to see four of them.

Don't have Wireshark?

Related questions