Wireshark mailing list archives

Re: Sniffing1GigE interfaces without laptop crashing

From: Richard Bejtlich <taosecurity () gmail com>
Date: Sun, 20 Nov 2011 12:56:57 -0500

+1

There's no need to use a protocol analyzer like Wireshark, Tshark, or
even Tcpdump to just do packet capture.  You introduce more trouble
than it's worth.

Either use Dumpcap or Daemonlogger.

Sincerely,

Richard

On Sun, Nov 20, 2011 at 12:21 PM, Boonie <newsboonie () gmail com> wrote:

Best is not to use wireshark at all for this. Together with wireshark you
have received dumpcap.exe (assuming windows). Use dumpcap for this. Try
limiting it to files of 100 megs each.

Try dumpcap --h for all the options.

Regards,

Dave

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

Sniffing1GigE interfaces without laptop crashing Kasper Adel (Nov 20)
- Re: Sniffing1GigE interfaces without laptop crashing Boonie (Nov 20)
  - Re: Sniffing1GigE interfaces without laptop crashing Richard Bejtlich (Nov 20)
    - Re: Sniffing1GigE interfaces without laptop crashing Guy Harris (Nov 20)
- Re: Sniffing1GigE interfaces without laptop crashing Guy Harris (Nov 20)
  - Re: Sniffing1GigE interfaces without laptop crashing Kevin Cullimore (Nov 20)
    - Re: Sniffing1GigE interfaces without laptop crashing Guy Harris (Nov 20)
    - Re: Sniffing1GigE interfaces without laptop crashing Kevin Cullimore (Nov 20)
    - Re: Sniffing1GigE interfaces without laptop crashing Kasper Adel (Nov 21)
    - Re: Sniffing1GigE interfaces without laptop crashing Matthew (Nov 21)
- Re: Sniffing1GigE interfaces without laptop crashing Guy Harris (Nov 20)