On Nov 28, 2007 7:42 AM, Kieran McCarthy wrote:
>
> Hi guys
>
> I'm trying to track down a hacker(s) who attempts to hack into one of my
> servers at night between 1 and 3 am GMT. What I'd like to be able to do is
> to run Wireshark as a scheduled task to start capturing packets at 1am and
> finish at 3am. Is there currently any way to do this without resorting to a
> script? Hope you can help as it will save me a few late nights!
>
> Kieran
Use tshark instead (http://www.wireshark.org/docs/man-pages/tshark.html).
Try
-aduration:10800 (3 hours in seconds)
For writing the results to a file, you can either redirect the output
with '>' for decoded stuff or just use '-w' to write it out raw so you
can open it with Wireshark later.
-Jason
--
NOTICE: Reading this email message requires root privileges which you
do not appear to possess. Sorry, dude.
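
The scheduled capture discussed in this thread, as an added example that is not part of either message: a POSIX shell wrapper for cron that derives tshark's `-a duration` value from the capture window and writes raw packets with `-w`. The interface name, output directory, script path and the cron-based Unix host are assumptions.

```shell
#!/bin/sh
# Added example: time-boxed tshark capture meant to be started by a scheduler.
# Assumed values (not from the thread): interface, output directory, script path.
IFACE="${IFACE:-eth0}"
OUTDIR="${OUTDIR:-/var/tmp/captures}"
WINDOW_START="${WINDOW_START:-01:00}"
WINDOW_END="${WINDOW_END:-03:00}"

# Convert HH:MM to minutes since midnight. One leading zero is stripped so
# that 08 and 09 are not rejected as invalid octal numbers.
to_minutes() {
    h=${1%%:*}; m=${1##*:}
    h=${h#0}; m=${m#0}
    echo $(( ${h:-0} * 60 + ${m:-0} ))
}

# Length of the capture window in seconds. An end time at or before the
# start time is taken to fall on the following day.
window_seconds() {
    start=$(to_minutes "$1"); end=$(to_minutes "$2")
    diff=$(( end - start ))
    if [ "$diff" -le 0 ]; then diff=$(( diff + 1440 )); fi
    echo $(( diff * 60 ))
}

# Print the tshark command line: stop after the window (-a duration) and
# write raw packets (-w) to a dated file that Wireshark can open later.
capture_command() {
    secs=$(window_seconds "$WINDOW_START" "$WINDOW_END")
    echo "tshark -i $IFACE -a duration:$secs -w $OUTDIR/night-$1.pcap"
}

# Capture only when asked to, for example from a crontab entry such as:
#   0 1 * * * /usr/local/bin/night-capture.sh --run
if [ "${1:-}" = "--run" ]; then
    mkdir -p "$OUTDIR"
    # Left unquoted on purpose so the printed command splits into arguments;
    # this assumes IFACE and OUTDIR contain no spaces.
    exec $(capture_command "$(date +%Y%m%d)")
fi
```

cron fires in the system's local time zone, so the start time in the crontab entry has to be adjusted if the host does not run on GMT.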