[ale] Wireshark newbie-Q: Promiscous capture
Robert Coggins
ale at cogginsnet.com
Tue Apr 28 18:10:17 EDT 2009
If you are on a switch you may not be able to capture the packets for
other IPs. You need a hub. Unless I am missing something else here...
Robert
Mills John M-NPHW64 wrote:
> ALErs -
>
> I want to capture all [wired] traffic to or from certain IPs (or MACs
> if preferred) on a Linux host attached to a desktop hub through which
> all the traffic of interest is passing.
>
> I set capture into 'promiscous' mode and filter on the stations I want
> to see, but only display packets that would normally be read by my
> wireshark host: broadcast, etc. I run wireshark from a console in which
> I have become 'su'.
>
> What must I do to see on host 'A' all the traffic going between hosts
> 'B' and 'C'? Are there some switches that must be used when building
> wireshark, or other constraints on how it is run?
>
> Thanks for any guidance.
>
> - Mills
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list