Windows:
1. Plink
2. Wireshark
3. plink.exe -ssh -pw PASSWORD root@HOST "tcpdump -U -s0 -w - 'not port 22'" | wireshark -k -i -
4. ?????
5. PROFIT!

Linux:
ssh root@HOST "tcpdump -U -s0 -w - 'not port 22'" | wireshark -k -i -

Tested on windows 7 and fedora 19 (connected with Debian).