Wireshark on a remote Linux host using SSH

19 Sep 2013

First you need tshark installed on the remote linux host: sudo yum install tshark -y or sudo apt-get install tshark -y. On the local linux machine you need the normal wireshark GUI packages.

Then from your local linux machine you can run:

[user@linux ~]# wireshark -k -i <(ssh -l root REMOTEHOST tshark -w - not tcp port 22)

Where REMOTEHOST is the remote linux host. The Wireshark GUI should open on your computer and you will see the flow of packets come in.

See full post


New London IP transit

31 Aug 2013

google_transit_ping.png

New IP connectivity on Cogent’s network, very good response times. I get 34ms from my home connection and 7ms from my server at OVH, this gets <0.7ms.

See full post


Don’t log SNMP info messages on CentOS

04 Aug 2013

If you run something like Observium which polls SNMP on your hosts every five minutes, you will get a lot of Connection from UDP: messages in your log files. This can be bad if you send these logs to a syslog server.

On CentOS you can change the verbosity that SNMPD logs.

Edit this line in your etc/init.d/snmpd file:

OPTIONS="-LS0-5d -Lf /dev/null -p /var/run/snmpd.pid"

Then just restart SNMPD:

[user@linux ~]# sudo service snmpd restart

See full post