New
#1
Using Wireshark
Hi, I am having problems with my anti virus on one of my servers. the tech support of the company have asked me to take a capture using wireshark while the anti virus is trying to update. I am however finding a problem with this. For obvious reasons I do not want to send them a full scan of my network...so I was hoping that if I run wireshark off my windows 7 workstation and apply a filter to wireshark so it only gathers packets from the servers IP address, then on the server set the antivurs to update will this collect the information?
If I do this when im RDC'd into the server it only records packets between me and the server not the server and sophos. I am sure this is a problem with the filter I am applying in Wireshark which is "host XX.X.X.X".
I dont supose anyone is experienced with wireshark that would be able to shed any light on where I am going wrong.
Thanks in advance