Revision as of 19:17, 25 August 2016 (view source) Amanjosan2008 (talk \| contribs) m (Protected "Misc" ([Edit=Allow only logged in users] (indefinite) [Move=Allow only logged in users] (indefinite) [Delete=Allow only logged in users] (indefinite))) ← Older edit		Revision as of 11:02, 2 April 2017 (view source) Amanjosan2008 (talk \| contribs) m (→‎Wireshark: remove) Newer edit →
Line 1: [[Category:Misc]] ~~=Wireshark=~~ ~~==Non-Root Capture==~~ ~~sudo apt-get install libcap2-bin~~ ~~sudo groupadd wireshark~~ ~~sudo usermod -a -G wireshark kirat~~ ~~newgrp wireshark~~ ~~sudo chgrp wireshark /usr/bin/dumpcap~~ ~~sudo chmod 750 /usr/bin/dumpcap~~ ~~sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap~~ ~~Verification:~~ ~~getcap /usr/bin/dumpcap => /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip~~ ~~If still unable to capture:~~ ~~sudo dpkg-reconfigure wireshark-common~~ ~~sudo chmod +x /usr/bin/dumpcap~~ ~~==Tshark==~~ ~~apt-get install tshark~~ ~~tshark -r lotsapackets.cap -R dns -w dns.cap~~ ~~tshark -r lotsapackets.cap -R "dns or tcp.port==80" -w web.cap~~ ~~capinfos web.cap~~ ~~editcap -c 50000 lotsapackets.cap fewerpackets.cap~~ =Network=

Misc: Difference between revisions

Misc (view source)