Wireshark mailing list archives
Re: Windows 2003 Server
From: bart sikkes <b.sikkes () gmail com>
Date: Tue, 4 Dec 2012 17:36:36 +0100
not sure if it is the exact reason, but you might have run into this: http://wiki.wireshark.org/KnownBugs/OutOfMemory as mentioned in the article and the other email also, capturing for longer time / data shouldn't be done with the gui. greetings, bart On Mon, Dec 3, 2012 at 10:58 PM, <Tim.Poth () bentley com> wrote:
Not sure what’s up but if you’re just capturing traffic to look at later maybe you would be better trying tshark or dumpcap Run dumpcap –D to get your interface list EG C:\Program Files\Wireshark>dumpcap -D 1. \Device\NPF_{8CF5911A-754C-4F6D-98B9-E1234E231E00} (Intel(R) 82578DM Gigabit Network Connection) 2. \Device\NPF_{F458FCE1-7DB4-419F-A28B-93679D91D30F} (Microsoft Corporation) 3. \Device\NPF_{978FA0EA-B2E3-4E59-AF48-3674AA75DF55} (Microsoft) 4. \Device\NPF_{02060821-E84A-4AC8-A15C-5B942C5C3975} (Microsoft Corporation) 5. \Device\NPF_{42084919-7FD3-4D55-8989-D5BAB9BB5615} (Microsoft) One you select your interface the number will go after –i in the following command. This example uses interface #1 on my system (note outlook mail client sometimes messes up the dashs so you may not be able to copy and paste, you have to retype) EG dumpcap -i 1 -b filesize:30000 -b files:20 -w c:\temp\packetcapture.pcap Please ensure the output directory exists first! When your ready to stop hit control+c (or kill the command prompt but sometimes this will ‘trash’ the last packet in the capture and wireshark will complain when you open the file) Hope that helps tim From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Jim Hurley Sent: Monday, December 3, 2012 3:23 PM To: wireshark-users () wireshark org Subject: [Wireshark-users] Windows 2003 Server Hello, I installed the latest version of Wireshark onto a server running Windows 2003 Server. The installation went fine, and Win PCap 4.2 installed fine as well. I launched Wireshark and started capturing traffic, no filters, just a ring buffer with 20 files each of 30 megabytes. After a period of time (1 hour maybe 2) I get an error from the OS saying that Visual C++ has asked to terminate in an unusual way. Does anyone know what could be causing this??? Jim ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Windows 2003 Server Jim Hurley (Dec 03)
- Re: Windows 2003 Server Tim.Poth (Dec 03)
- Re: Windows 2003 Server bart sikkes (Dec 04)
- Re: Windows 2003 Server Tim.Poth (Dec 03)