I am trying to run Wireshark on Mac OS X in the background. I installed the command line utilities, so I am able to start Wireshark and capture packets from the command line. The only thing I want now is to run it in the background, without even having the X11 icon on the task bar or seeing the Wireshark window. I believe it is possible but can't find anything in the Wireshark documentation.
Maybe another way would be to find a trick to hide an icon on Mac OS X...
If anybody has already done that or has an idea...
Thank you
Please excuse my English which is not perfect at all
This particular example is great for snuffing out botnets and helping you determine the nature of a DDoS attack, as you never know when the attack might occur and a rolling capture will allow you to leave Wireshark running indefinitely. In this example, we will use screen to run Wireshark in the background.
Wireshark is meant to be used with the GUI, although there are some command line options available (see the output of "wireshark -h" for details).
To turn on promiscuous mode, click on the CAPTURE OPTIONS dialog box and select it from the options. If everything goes according to plan, you'll now see all the network traffic in your network. However, many network interfaces aren't receptive to promiscuous mode, so don't be alarmed if it doesn't work for you.
You can start Wireshark from the command line, but it can also be started from most window managers. In this section we will look at starting it from the command line. Wireshark supports a large number of command line parameters.
As far as I remember, TShark comes with all distributions of Wireshark. It runs from the command line. The documentation for it is here: http://www.wireshark.org/docs/man-pages/tshark.html
And there are some examples of how to use it here: http://www.codealias.info/technotes/the_tshark_capture_and_filter_example_page
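A headless rolling capture built on TShark, as an added example that is not part of the original posts: it keeps a fixed-size ring of capture files and runs detached with `nohup` rather than `screen`, so no X11 window or icon appears. The interface name `en0`, the output directory, the file name `rolling.pcapng`, the ring sizes and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: background ring-buffer capture with tshark (no GUI).
# Interface, paths and sizes are placeholders, not values from the posts.

# Print the tshark command line for a ring-buffer capture.
#   $1 interface  $2 output dir  $3 max kB per file  $4 files kept in the ring
build_capture_cmd() {
    iface=$1; outdir=$2; kb=${3:-102400}; files=${4:-10}
    # Whitelist the characters so the later word splitting is safe.
    case $iface in
        ''|*[!A-Za-z0-9._-]*) echo "invalid interface name" >&2; return 1 ;;
    esac
    case $outdir in
        ''|*[!A-Za-z0-9._/-]*) echo "invalid output directory" >&2; return 1 ;;
    esac
    case $kb$files in
        *[!0-9]*) echo "sizes must be whole numbers" >&2; return 1 ;;
    esac
    # -q: no running packet count; -b: ring buffer, oldest file is replaced,
    # so disk use stays bounded at roughly kb * files.
    printf 'tshark -q -i %s -b filesize:%s -b files:%s -w %s/rolling.pcapng' \
        "$iface" "$kb" "$files" "$outdir"
}

# Start the capture detached from the terminal and record its PID.
start_capture() {
    cmd=$(build_capture_cmd "$@") || return 1
    outdir=$2
    mkdir -p "$outdir" || return 1
    # nohup and & keep the capture alive after the terminal closes.
    nohup $cmd >"$outdir/tshark.log" 2>&1 &
    echo $! >"$outdir/tshark.pid"
}

# Stop a capture started by start_capture; $1 is the output directory.
stop_capture() {
    kill "$(cat "$1/tshark.pid")" && rm -f "$1/tshark.pid"
}

# Usage (not run here):
#   start_capture en0 "$HOME/captures" 102400 10
#   stop_capture "$HOME/captures"
```

TShark appends a sequence number and timestamp to each file name in the ring, so the files can be opened later in the Wireshark GUI in capture order.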