Situation: 1x Client ( local ) - 1x Server ( remote )
netcat has to be installed on the local client and the syntax should be as follow:
root@local# nc -l -p 9999 > temp.pcapPort 9999 has to be opened on the client or through the firewall / router! on the remote site:
root@remote# tcpdump -s 0 -U -n -w - -i "interface_name" not host "local_ip" | nc "local_ip" 9999
example ( in my case ):
tcpdump -s 0 -U -n -w - -i en1 not host 10.10.10.2 | nc 10.10.10.2 9999
- -s tells tcpdump how many bytes to write in one packet, 0 means that it should record all of them.
- -U tells tcpdump, it shouldn't wait to send data until the buffer is full.
- -n means that there is no hostname / port lookup over dns.
- "-w - |" says that the data will directly sent to netcat and not into a file.
No comments:
Post a Comment