Monday, June 23, 2003
Remote Capture Using Winpcap
Just when you thought network monitoring couldn't get any cooler -- I learned WinPcap (mailing list) version 3.0 support Remote Capture. "This is an highly experimental feature that allows [you to] interact [with] a remote machine and capture packets that are being transmitted on the remote network. This requires a remote daemon (called rpcapd) which performs the capture and sends data back and a local client that sends the appropriate commands and receives the captured data." What is even cooler -- "The [Remote] daemon [rpcapd] can be compiled and it is actually working on Linux as well." This sounds similar to SVtun. I couldn't get remote capture to work with Analyzer (Sourceforge site) by the WinPcap team, even though it natively supports remote capture.