Windows 7 Forums


Windows 7: Using Wireshark

02 Mar 2011   #1
St4vr0s

Windows 7 Professional X64
 
 
Using Wireshark

Hi, I am having problems with my antivirus on one of my servers. The tech support of the company have asked me to take a capture using Wireshark while the antivirus is trying to update. I am however finding a problem with this. For obvious reasons I do not want to send them a full scan of my network... so I was hoping that if I run Wireshark off my Windows 7 workstation and apply a filter to Wireshark so it only gathers packets from the server's IP address, then on the server set the antivirus to update, will this collect the information?

If I do this when I'm RDC'd into the server, it only records packets between me and the server, not the server and Sophos. I am sure this is a problem with the filter I am applying in Wireshark, which is "host XX.X.X.X".

I don't suppose anyone is experienced with Wireshark that would be able to shed any light on where I am going wrong.

Thanks in advance


02 Mar 2011   #2
RayFinkle

Windows 7 Pro 64bit
 
 

If you are on a switch, as opposed to a hub, you cannot use Wireshark the way you seem to think it works. Wireshark can only capture packets on the PC's interface where it is installed. You cannot tell it to capture packets on host xx's interface. A switch does not send all frames to all hosts. A switch learns the MAC addresses of the hosts and sends the frames to the corresponding interface. You must either run Wireshark on the host's interface where you want to capture the traffic, or you can do something like SPAN (or port mirroring) if your switch supports it, i.e. Cisco (SPAN) or Juniper (port mirroring).
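An added example, not part of the thread or either poster's code: once the capture has been taken on the server itself, as the reply above advises, this Python script trims it before it is sent to the vendor, keeping only IPv4 frames to or from the server and dropping the admin's own RDP session. It assumes a classic pcap file with untagged Ethernet framing and RDP on its default TCP port 3389; the function names, addresses and sample capture are constructed for illustration.

```python
import socket
import struct

RDP_PORT = 3389  # assumption: the admin's RDP session uses the default TCP port

def keep(frame, server, drop_port):
    """True for an Ethernet/IPv4 frame to or from `server` that is not TCP on drop_port."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # untagged IPv4 only
        return False
    ip = frame[14:]
    if server not in (ip[12:16], ip[16:20]):  # source / destination address
        return False
    ihl = (ip[0] & 0x0F) * 4
    if ip[9] == 6 and len(ip) >= ihl + 4:  # TCP: inspect the port pair
        if drop_port in struct.unpack("!HH", ip[ihl:ihl + 4]):
            return False
    return True

def filter_pcap(data, server_ip, drop_port=RDP_PORT):
    """Return classic-pcap bytes holding only the frames that keep() accepts."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if order is None:
        raise ValueError("unsupported format (expected microsecond classic pcap)")
    if struct.unpack(order + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    server, out, pos = socket.inet_aton(server_ip), [data[:24]], 24
    while pos + 16 <= len(data):
        incl_len = struct.unpack(order + "I", data[pos + 8:pos + 12])[0]
        record = data[pos:pos + 16 + incl_len]
        if len(record) < 16 + incl_len:  # truncated final record
            break
        pos += len(record)
        if keep(record[16:], server, drop_port):
            out.append(record)
    return b"".join(out)

def _pkt(src, dst, proto, sport, dport):
    """Constructed sample record: Ethernet + minimal IPv4 header + a port pair."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    frame = b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport)
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

# Constructed capture (documentation addresses); the server is 192.0.2.10
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
          + _pkt("192.0.2.50", "192.0.2.10", 6, 50000, 3389)   # admin RDP to server
          + _pkt("192.0.2.10", "198.51.100.7", 6, 50001, 80)   # server to update host
          + _pkt("192.0.2.60", "192.0.2.61", 17, 5353, 5353))  # unrelated LAN hosts

if __name__ == "__main__":
    trimmed = filter_pcap(SAMPLE, "192.0.2.10")
    print(len(SAMPLE), "->", len(trimmed), "bytes")
```

Frames that are not IPv4 (ARP, IPv6, VLAN-tagged) are dropped rather than passed through, so nothing about other hosts leaves the network by default.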
04 Jan 2012   #3
jfernandez

Windows 7 Enterprise
 
 

Hi there,
I found your details online and thought you might be able to help me. I'm working on the next e-zine for SearchNetworking.co.uk, which is focused on Next Generation Network Management.
I wonder if you could help me with the piece. We want users to tell us about their experiences with Wireshark or any other next generation management system. The case study can be about EITHER cloud/virtualization networking management OR 40/100 Gigabit networking and management.
Your experience looked like a good fit so I hope you can help me. Let me know your thoughts.
Best
Joe
Joe Fernandez | TechTarget Ltd
News Editor, Networking Media Group (Networking technology information, news and tips - SearchNetworkingUK)
Office 410 - 417,
4th Floor,
Marble Arch Tower,
London, W1G 0PW
Office: +44 (0)207 868 4288
Mobile: +44 (0)7717 532261
AIM/Twitter: Joe_M_Fernandez
Skype: joefernandez1985
E-mail: jfernandez@techtarget.com
TechTarget Ltd
Where Serious Technology Buyers Decide
www.techtarget.com