Tcpdump parse with Wireshark
Introduction
Tcpdump and Wireshark are powerful tools for network analysis. Tcpdump captures network packets, while Wireshark provides detailed analysis of the captured packets. In this blog post, we will discuss how to use tcpdump together with Wireshark to capture and analyze network traffic.
Capture and open with wireshark
Tcpdump is a command-line tool that captures network packets. To capture packets, you need to specify the network interface and the type of traffic you want to capture. For example, to capture all traffic on interface eth0, use the following command:
sudo tcpdump -i eth0 -w a.pcap
Using ssh and wireshark
ssh some.remote.host tcpdump -pni any -w - -s0 -U port 8888 | wireshark -k -i -
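As an added example that is not part of the original post: a small Python parser for the pcap stream that `tcpdump -w -` emits and `wireshark -i -` consumes, run on a capture constructed in memory (the SLL link type for `-i any`, the timestamps and the packet bytes are assumptions). It also shows what `-s0` avoids (snaplen truncation) and tolerates a partial trailing record, which is what arrives when the ssh pipe is interrupted mid-packet.

```python
import struct

# pcap magic numbers as read with "<I"; the value tells byte order and timestamp unit
MAGICS = {
    0xA1B2C3D4: ("<", 1_000_000),      # little-endian, microseconds (what tcpdump writes)
    0xD4C3B2A1: (">", 1_000_000),      # big-endian, microseconds
    0xA1B23C4D: ("<", 1_000_000_000),  # little-endian, nanoseconds
    0x4D3CB2A1: (">", 1_000_000_000),  # big-endian, nanoseconds
}
LINKTYPE_LINUX_SLL = 113  # assumption: "tcpdump -i any" with the classic SLL pseudo-header


def build_pcap(packets, snaplen=262144, linktype=LINKTYPE_LINUX_SLL):
    """Constructed sample writer: little-endian, microsecond pcap as 'tcpdump -w -' emits.
    packets is a list of (sec, usec, frame_bytes)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, linktype)
    for sec, usec, frame in packets:
        captured = frame[:snaplen]  # a small -s truncates the stored bytes, -s0 does not
        out += struct.pack("<IIII", sec, usec, len(captured), len(frame)) + captured
    return out


def parse_pcap(data):
    """Parse a pcap byte stream; returns (file header dict, records, trailing partial bytes)."""
    if len(data) < 24:
        raise ValueError("shorter than a pcap file header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic not in MAGICS:
        raise ValueError("not a pcap stream (bad magic 0x%08x)" % magic)
    endian, ts_unit = MAGICS[magic]
    major, minor, _tz, _sig, snaplen, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    header = {"version": (major, minor), "snaplen": snaplen, "linktype": linktype}
    records, off = [], 24
    while off + 16 <= len(data):
        sec, frac, incl_len, orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        if incl_len > snaplen or incl_len > orig_len:
            raise ValueError("corrupt record header at offset %d" % off)
        if off + 16 + incl_len > len(data):
            break  # partial last record: the capture was cut mid-packet (e.g. Ctrl-C on the ssh pipe)
        frame = data[off + 16:off + 16 + incl_len]
        records.append({"ts": sec + frac / ts_unit, "orig_len": orig_len, "data": frame})
        off += 16 + incl_len
    return header, records, data[off:]


# Constructed sample: two frames with a 16-byte SLL header placeholder, not real traffic
SAMPLE = build_pcap([(1700000000, 123, b"\x00" * 16 + b"hello"),
                     (1700000000, 500000, b"\x00" * 16 + b"world!!")])
```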