WireShark and TcpDump over SSH
Quick and dirty bash script to start tcpdump on a remote host and shovel the data back to Wireshark over SSH.
How to use
The script is rather simple but may take up to 5 inputs:
./WoS.sh RemoteHost RemoteInterface RemotePort RemoteUser RemoteKey
Only the first is required. The full list of inputs:
RemoteHost: The host you want to capture packets on.
RemoteInterface: The interface on the remote host on which you want to capture packets. Uses "any" if not specified.
RemotePort: The SSH port. Uses Port 22 if not specified.
RemoteUser: The user that runs tcpdump on RemoteHost.
RemoteKey: The SSH key needed to access RemoteHost.
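
An added example, not the WoS.sh source: how the five inputs could map onto the ssh, tcpdump and Wireshark command lines, with the interface and port validated because they end up in a command string parsed by the remote shell. The function names, the validation rules and the capture filter are assumptions; only the defaults "any" and 22 come from the text above.

```bash
#!/usr/bin/env bash
# Added example, not the WoS.sh source. The defaults "any" and 22 come from the
# README; function names, validation and the capture filter are assumptions.

# Print the command to run on the remote host. The remote shell parses this
# string, so interface and port are validated before being interpolated.
build_remote_cmd() {
    local iface="${1:-any}" port="${2:-22}"
    case "$iface" in
        *[!A-Za-z0-9_.:-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case "$port" in
        *[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2; return 1
    fi
    # -U flushes per packet, -w - writes pcap to stdout; the filter keeps the
    # SSH session that carries the capture out of the capture itself.
    printf "tcpdump -U -i %s -w - 'not tcp port %s'\n" "$iface" "$port"
}

# Print the ssh destination; a leading "-" would be read by ssh as an option.
build_dest() {
    local host="$1" user="${2:-}"
    case "$host" in ''|-*) echo "bad host: $host" >&2; return 1 ;; esac
    case "$user" in -*) echo "bad user: $user" >&2; return 1 ;; esac
    printf '%s\n' "${user:+$user@}$host"
}

# Args: RemoteHost [RemoteInterface] [RemotePort] [RemoteUser] [RemoteKey]
capture() {
    local dest remote_cmd port="${3:-22}" key="${5:-}"
    dest="$(build_dest "${1:-}" "${4:-}")" || return 1
    remote_cmd="$(build_remote_cmd "${2:-}" "$port")" || return 1
    set -- -p "$port"
    if [ -n "$key" ]; then set -- "$@" -i "$key"; fi
    # wireshark -k starts capturing immediately, -i - reads pcap from stdin.
    ssh "$@" "$dest" "$remote_cmd" | wireshark -k -i -
}

# Run only when arguments are given, so sourcing the file has no side effects.
if [ "$#" -gt 0 ]; then capture "$@"; fi
```

RemoteUser needs permission to capture on the remote interface (root or an equivalent capability); without it tcpdump exits and Wireshark receives an empty stream.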