2

Is it at all possible to redirect some stdout and have the data saved to a file on a remote server? Below is a terrible example the definitely don't work...

sudo tcpdump ... 2>&1 | ssh ... user@hostname -

Or perhaps using netcat instead of SSH?

sudo tcpdump ... 2>&1 | nc <host> <port> -

Something like this but the solution doesn't work for me..

muru
  • 193,181
  • 53
  • 473
  • 722
Laura
  • 201
  • 2
  • 9

1 Answers1

1

Sure, if you use a command with ssh that writes to the file:

sudo tcpdump ... 2>&1 | ssh ... user@hostname tee /some/file
sudo tcpdump ... 2>&1 | ssh ... user@hostname 'cat > /some/file'

With nc, you'd have to have something on the server listening:

# on server
nc -l <port> > /some/file
# on client
sudo tcpdump ... 2>&1 | nc <host> <port>
muru
  • 193,181
  • 53
  • 473
  • 722
  • Yeah, I tried that exact tcpdump/nc usage. There's no output on the server side. The /some/file is always empty after generate GET requests on the client side – Laura May 18 '18 at 04:43
  • Then you'd have to check where tcpdump is sending its output to. You can swap `sudo tcpdump` with some other command, say `echo foo` to test that `nc` is working fine. – muru May 18 '18 at 04:44
  • echoing foo works, i received it on the server. how can i debug using tcpdump? does piping tcpdump work for you? – Laura May 18 '18 at 04:46
  • using tcpdump alone and generating traffic, i can see data in the tcpdump terminal. im not sure why its not working with nc... – Laura May 18 '18 at 04:48
  • Have a look at https://stackoverflow.com/a/25604237/2072269 – muru May 18 '18 at 04:48