The short answer to your question is that to successfully sniff packets using wireshark or ettercap you will normally have to be on the inside of the network, meaning that you will not be able to intercept the packets sent to and from your web server from behind your home ISP router.My question is (and I hope it's not a daft one!) is how does this vulnerability exist on the internet i.e. if I was at home behind my home ISP router and I know the IP address of our web server - is it feasable to sniff the traffic going to and from the web server? - if so, how would you do it?
For the longer version of the answer you might want to read up on GRE sniffing/tunnelling first. But basically what this refers to is creating a tunnel between your router at home and the one at your work through which all packets will be forwarded to you at home.