how can i capture the remote eve-ng with wireshark?

Moderator: mike

Post Reply
m9941102
Posts: 12
Joined: Thu Aug 23, 2018 10:00 am

how can i capture the remote eve-ng with wireshark?

Post by m9941102 » Fri Oct 12, 2018 9:05 am

hello,friend, i am chinese.

i have install eve-ng on physical pc. IP:10.10.171.129.

i can access the web page of eve-ng from pc above from my another pc , IP : 10.10.171.125

now ,when i start up wireshark from pc ( 10.10.171.125), to capture the interface of node

but , show this error , how can i do ?


"Connecting to "root"@10.10.171.129..."
FATAL ERROR: Network error: Connection refused

i have install winpcap on eve-ng pc
as follows
apt-get install bison flex
wget http://www.winpcap.org/install/bin/WpcapSrc_4_1_2.zip
unzip WpcapSrc_4_1_2.zip
cd winpcap/wpcap/libpcap
chmod +x configure runlex.sh
CFLAGS=-static ./configure
make
cd rpcapd
make

rifster
Posts: 21
Joined: Wed Mar 22, 2017 8:14 am

Re: how can i capture the remote eve-ng with wireshark?

Post by rifster » Sun Nov 11, 2018 8:32 am

Hi,
Since the target host is refusing connection I would first check whether the is a firewall blocking that traffic, then check if ssh service is running and root is allowed access over ssh.

Post Reply